The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news. Regardless, they agree that infosec leaders need to educate employees about ...

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

In iOS 26, Apple Maps has a feature called Visited Places that when enabled automatically logs where you've been, with the aim of making it easier to revisit your favorite spots or to share locations ...

Garuda is a PowerShell-based threat hunting and investigation framework that transforms raw Sysmon events into structured, actionable intelligence for Windows environments. Garuda serves as both an ...

基于Node.js的MCP服务器，支持Windows终端（CMD和PowerShell）执行命令并管理会话。 ai-terminal-mcp/ ├── 📄 server.js # MCP服务器主入口 ├── 📄 test_mcp_client.js # 测试客户端 ├── 📄 package.json ...