The Hacker News

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and Google Drive-based C2.
Security Boulevard

Fake Huorong security site infects users with ValleyRAT

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0 framework, to users who believed ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
GitHub

Rust for Malware Development

Named Pipes Interprocess communication using named pipes on Windows. Api Hooking API Hooking Using Trampoline. PE Analyzer Extract PE information via CLI. PEB Offset Finder Find PEB Offsets for ...

Hackers Pose as IT Staff in Microsoft Teams to Install Malware

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy ...

Microsoft Teams phishing targets employees with A0Backdoor malware

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote ...
The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...
GitHub

A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload.

I will be building this project up as I learn, discover or develop more techniques. Note: The project is not intended to be used as-is. If you are going to use any of the techniques there is a better ...