New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...
The Hacker News

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Indian users face a cyber espionage campaign using tax phishing, Blackmoon malware, and abused SyncFuture TSM tools for ...
Security Boulevard

APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL | Part 1

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
GitHub

l-urk/CVE-2024-6387

🔒 CVE-2024-6387 regreSSHion remote code execution vulnerability exploit script usage: regreSSHion.py [-h] -i IP -p PORT [-t] [-c] [-d] [-r] [-x] [-y] [-z] 🔒 CVE ...
IEEE

Identification of Arbitrary Length Shellcode for the Intel x64 Architecture as a NOP Sled

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...
Cybernews

India hit by China-linked phishing campaign, unleashes malware to create long-term spy backdoor

A newly-uncovered espionage campaign aimed at targeted individuals is using phishing emails that impersonate the Government of India.
TechBooky

How Hackers Spread RAT Malware via DLL Sideloading in LinkedIn Messages

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...
GitHub

Splitting and executing shellcode across multiple pages

Target shellcode is a PopCalc by Bobby Cooke (boku). The purpose of this PoC is to demonstrate signature evasion by allocating multiple (whole) pages for a relatively small encoded shellcode, ...