Abstract: With the expansion of attacks, computer security has become a primary focus in protecting users’ privacy. When attacking a system, attackers must keep their remote shell active to perform ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Abstract: NoSQL injection is a security vulnerability that allows attackers to interfere with an application’s queries to a NoSQL database. Such attacks can result in bypassing authentication ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

The size of the reflective loader is approximately 4KB. Does not release the memory that was allocated by the injector, nor does it remove any existing RWX permissions set by the user injector, if ...

Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ...

Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.