Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
CNBC

Pfizer says obesity injection shows promise as monthly treatment in mid-stage trial

Pfizer said its experimental obesity drug, which it acquired through Metsera, drove solid weight loss when taken once a month in a mid-stage trial. The data offer early evidence that the injection can ...
CSOonline

This stealthy Windows RAT holds live conversations with its operators

Security researchers at Point Wild have disclosed a new Windows malware campaign that uses a multi-stage infection chain to establish persistent, memory-resident access on compromised systems and ...
Medscape

Flu Vaccine Options: Nasal vs Injection

Nasal vaccines offer an option to those afraid of needles, situations where mass vaccination is required, or for those seeking an at-home option, but there are restrictions on who should receive the ...
Science Daily

Injection turns sleeping tumor immune cells into cancer fighters

KAIST researchers have developed a way to reprogram immune cells already inside tumors into cancer-killing machines. A drug injected directly into the tumor is absorbed by macrophages, prompting them ...
Jalopnik

The Pros And Cons Of Swapping A Carburetor For Fuel Injection

Electronic fuel injection revolutionized the auto industry in the 1980s. It came to replace the carburetor in the task of sending fuel to the engine's cylinders but it does much more: it controls ...
IEEE

Shellcode Generation: A Resource Efficient Approach using Fine-tuned LLMs

Abstract: In order to create better shellcode for offensive cybersecurity, this study investigates the use of large language models (LLMs) such as Mistral and Llama. It focuses on LLM optimizations to ...
Ars Technica

Syntax hacking: Researchers discover sentence structure can bypass AI safety rules

Researchers from MIT, Northeastern University, and Meta recently released a paper suggesting that large language models (LLMs) similar to those that power ChatGPT may sometimes prioritize sentence ...
winbuzzer.com

Fake Windows Update Notifications: ClickFix Malware Campaign Uses PNG Steganography to ...

Cybercriminals have rapidly pivoted to a new evasion technique following Microsoft’s recent crackdown on malicious email attachments. Just weeks after Outlook began blocking inline Scalable Vector ...