New Yurei ransomware shows how flawed open-source threats still cause real harm.

Stairwell expands CISA’s Salt Typhoon YARA rules, uncovering 637 new malware variants.

New npm supply-chain YARA rules out—chalk/debug + Shai-Hulud worm. Retrohunt now!

Detecting CastleBot: YARA insights on TAG-150’s modular backdoor.

SVGs are malware’s newest disguise—Stairwell spots what your filters miss.

Threat hunting YARA rule for DarkCloud stealer and related malware variants.

Detect RedDirection’s Chrome/Edge malware with Stairwell’s YARA rule

Detecting ToolShell webshell variants in SharePoint attacks using YARA and Hilbert curves.

Getting started with macOS malware reversing using open-source tools like Ghidra and Radare2.

New YARA rules released as Stairwell exposes 53 stealthy Prometei variants.

Detect Swift-based macOS malware with our TodoSwift YARA rule and instant file search.

18 verified browser extensions were malware—Stairwell finds them on devices in seconds.

Stealthy tool disables Windows Defender via WSC API—Stairwell offers YARA rule for detection.

Prevent hidden threats with Stairwell’s Downdate downgrade protection system.

Background on the new OpenSSH vulnerability and how Stairwell can help