The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
GitHub

Stealth DLL Injector — Manual Mapping + NT API Stealth Layer — Wy Edition

This project is a fork of TRE OR5 by s0mbra-1973, now evolved into TRE OR Wy. Huge thanks to s0mbra-1973 and BLaCKaSS for creating the original TRE OR Injector — the foundation that made all of these ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
CNBC

Pfizer says obesity injection shows promise as monthly treatment in mid-stage trial

Pfizer said its experimental obesity drug, which it acquired through Metsera, drove solid weight loss when taken once a month in a mid-stage trial. The data offer early evidence that the injection can ...