A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini’s voice assistant on Android and made it open a victim’s connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory. No malicious app on the phone is…
Tag: poisoned
AI, Apps, Global Security News, malware
AI chatbot recommendations lure users to cryptojacking malware sites
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark, K-Lite Codec Pack, and PDFgear. Screenshot of search engine results showing a malicious source of…
AI, Global Security News, malware, Network Security, Risk Management, Russia
How cybersecurity firms took down Glassworm botnet in one shot
Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing…
AI, Apps, Data Breaches, Exploits, Global Security News, malware, Risk Management
Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack
Attackers have poisoned four Laravel-Lang Composer packages by rewriting hundreds of Git tags, putting many Laravel apps at risk. Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions. Laravel-Lang is a community-driven project that provides translation and localization files for Laravel applications. The…
AI, Global Security News
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically…
AI, Global Security News
GitHub ‘OpenClaw Deployer’ Repo Delivers Trojan Instead
An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.
AI, Global Security News
Malicious Next.js Repos Target Developers Via Fake Job Interviews
Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.
AI, Cybersecurity, Data Breaches, Global Security News, privacy
Poisoned Calendar invites, ChatGPT, and Bromide
A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after ChatGPT told him to season his food with… pesticide, and some thoughts on Superman’s latest cinematic outing. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley, joined this…