One of the best parts about using Android is the good old-fashioned geeky fun that comes with finding new ways to improve your digital environment — and improve your day-to-day efficiency. That capability manifests itself in all sorts of interesting freedoms that (cough, cough) other mobile platforms don’t trust their users enough to allow —…
Tag: using
AI, Endpoint, Global Security News
AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. […]
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Organizations using Claude Code GitHub Actions should review their CI/CD environments after a researcher found vulnerabilities that could expose repositories to compromise and supply chain attacks. The flaws, which have since been patched, allowed attackers to bypass permission controls and inject untrusted input into trusted workflows. These vulnerabilities allow “… an attacker [to] bypass its…
Global Security News, malware
New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions
GoDaddy researchers found WordPress malware using Steam Community profile comments to hide encoded command and control data, with nearly 1,980 sites affected.
AI, Apps, Global Security News, malware, Network Security
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is…
AI, Apps, Exploits, Global Security News, Risk Management
Flowise’s MCP implementation can run ghost commands
Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads have a new near-max severity issue to worry about. Researchers at Obsidian Security have detailed a one-click remote code execution (RCE) vulnerability affecting self-hosted Flowise deployments through its implementation of Model Context Protocol (MCP) stdio servers. The problem is essentially a sandboxing failure…
AI, Global Security News, malware
Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives
Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users’ browser, crypto, and Discord data.
AI, Apps, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
The Pentagon Finally Admits That Location Data Is a Battlefield Problem
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence analysts have been warning about the same thing: smartphone location data isn’t just an advertising product. It’s surveillance infrastructure that anyone with enough money can access.…
Global Security News
The Google Engineer Accused of Risking It All With an Insider Polymarket Bet
Michele Spagnuolo, the Google engineer accused of using company data to bet on Polymarket, had a long list of enviable accomplishments
AI, Exploits, Global Security News, Network Security
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability. “The attacker compromised an internet-reachable Marimo notebook via CVE-2026-39987, extracted two cloud credentials from the compromised
AI, china, Global Security News
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe
AI, Global Security News, malware
Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
Using the data collected over the past year and using Kibana these two ES|QL query to summarize the data, this shows the list of the most uploaded threat to two DShield sensors (local and cloud) over the past year. I have sorted the activity by months that shows the evolution of files uploaded to the sensors…
Global Security News
Google Employee Charged With Insider Trading on Polymarket
Federal prosecutors allege a software engineer made more than $1 million using nonpublic information to bet on who would be the most-searched people of 2025.
AI, Apps, Global Security News, malware
AI chatbot recommendations lure users to cryptojacking malware sites
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark, K-Lite Codec Pack, and PDFgear. Screenshot of search engine results showing a malicious source of…
AI, Global Security News
Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person while posing as IT staff, the FBI warns. The group, also known as Luna Moth, Chatty Spider, and UNC3753, has been active since at least 2022 and has targeted…
Global Security News, privacy, Risk Management
What to consider before asking an AI chatbot for health advice
Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe.
AI, Global Security News
PureLogs Variant Steals Data via Purchase Order Lures
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing
Global Security News, malware
Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning
Cybercriminals are using SEO poisoning and fake Gemini and Claude installer sites to infect developers with fileless malware and steal data.
AI, Apps, Cloud Security, Compliance, Exploits, Global Security News, malware, Risk Management
Well-architected best practices for software supply chain security
There have been multiple notable supply chain attacks using the npm Registry since September: Shai-Hulud, Chalk/Debug, one abusing tea.xyz tokens, and recently axios. Thanks to community efforts involving the Amazon Inspector team, the Open Source Security Foundation, and others, the affected packages were quickly flagged, which reduced the impact of these incidents. Supply chain attacks…
AI, Cybersecurity, Europe, Exploits, Global Security News, malware
Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers
Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have…
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Lazarus APT unveils fileless remote access Trojan designed to evade detection
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…
AI, Global Security News, privacy, Risk Management
Turns out the C-suite loves shadow AI
Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, according to TrustedTech’s Shadow AI in the Workplace report. The study found that 65% of decision-makers use shadow AI, compared with 31% of employees below decision-maker level.…
Cybersecurity, Global Security News
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.
AI, Global Security News, Network Security
‘Underminr’ exploitation poses similar risks to domain fronting, researchers say
ADAMnetworks estimates about 42% of domains could be abused using the technique.
AI, Cybersecurity, Global Security News, malware
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
Global Security News
Identity Alone Isn’t Enough: Why Device Security Has to Share the Load
Identity checks alone can’t stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on continuous device verification. […]
AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia
Poland shifts away from Signal following cyberattacks on officials’ accounts
Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed government officials to stop using Signal for sensitive communications and move to a state-developed alternative. The decision follows repeated cyberattacks targeting Signal accounts belonging to politicians, military personnel, and public servants. Officials believe the campaigns…
AI, Global Security News, Government & Policy
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for…
AI, Compliance, Global Security News, Risk Management
Workday: AI is Faster, but Making Work Busier
Workday recently released new research that found that while employees are using AI in their work, the technology’s impact is limited, as it has made them busier. Workers report more time connecting systems as AI adoption expands According to the report, titled “The Copy/Paste Economy: Why Task-Oriented AI is Failing the Enterprise,” 8 in 10…
Global Security News, malware
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.
AI, Exploits, Global Security News
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. […]
AI, APAC, Cloud Security, Compliance, Europe, Global Security News, Risk Management
Introducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI Adoption
The financial services industry (FSI) is using AI to transform how financial institutions serve their customers. AI solutions can help proactively manage portfolios, automatically refinance mortgages when rates decrease, and negotiate insurance premiums for customers. However, this adoption brings new governance, risk, and compliance (GRC) considerations that organizations need to address. To help FSI customers…
AI, Exploits, Global Security News
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation. The activity is said…
AI, Exploits, Global Security News
Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
AI, Global Security News
Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices.
AI, Compliance, Global Security News
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
AI, Compliance, Global Security News
Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts
Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender Research team. The email campaign targeted more than 35,000 users across 13,000 organizations in 26 countries, but concentrated primarily on targets in the United States. Microsoft didn’t say…
Cybersecurity, Data Breaches, Global Security News
Controlling Data Breach And The Use Of DRM For Document Security
This post will reveal how to control the aftermath of a data breach by using DRM for document security. Gathering physical and digital evidence to correlate data from multiple sources to piece together a data breach incident is crucial in evaluating how and when the incident occurred. The evidence can show if someone had infiltrated…
Global Security News
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks.
AI, Global Security News
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly…
AI, Global Security News
Sage Futures 2026 Highlights AI Opportunity for Partners
Sage is using its Futures 2026 announcements to sharpen the role of channel partners in AI adoption, with new tools, marketplace capabilities, and expanded PwC collaboration to help finance customers move from experimentation to practical deployment. Channel Insider spoke with Nancy Sperry, Sage’s vice president of US partner sales, about the company’s continuing investment in…
AI, Global Security News
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems…
AI, Global Security News
Ariella Heffernan-Marks On Ovum AI: The First AI Health Partner For Women
iTWire TV: iTWire went to Southstart in Adelaide and learned about Dr Heffernan-Marks views on using AI for good and without bias or halucinations.
AI, Global Security News
New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks
Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.
AI, Data Breaches, Global Security News
Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen
A hacker using the alias “Xorcat” claims to have breached Polymarket using API flaws, but research suggests the leak could be just data scraping incident.
AI, Global Security News
AI prompt confidentiality and false citations worry researchers
Academic researchers using commercial AI tools for literature review and idea generation are sending unpublished research questions, draft hypotheses, and proprietary domain knowledge into systems whose data handling they do not understand. A think-aloud study of 15 researchers documents the workarounds these users have built to manage what they see as unresolved confidentiality and output…
AI, Global Security News, malware
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
AI, Cybersecurity, Global Security News, Risk Management
Shadow AI is Creating New Security Blind Spots for Australian Organisations
GUEST OPINION: Employees are increasingly using artificial intelligence (AI) tools at work, often without formal approval or oversight. A Gartner survey of cybersecurity leaders revealed that 69% of organisations suspect or have evidence that employees are using prohibited public GenAI. This ‘shadow AI’ is emerging as a new source of risk for Australian organisations, as sensitive…
AI, Global Security News, malware
UNC6692 Combines Social Engineering, Malware, Cloud Abuse
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom “Snow” malware in a multipronged campaign.
AI, china, Global Security News, Government & Policy, malware
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia using Go-based malware, loaders, and backdoors. ESET researchers uncovered a new China-aligned APT group called GopherWhisper, targeting government institutions in Mongolia. The group’s arsenal includes a range of tools mainly written in Go, such as loaders and injectors, which are used to deploy multiple…
Global Security News
Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Research from Infoblox reveals a massive Click2SMS fraud scheme using fake CAPTCHAs and back button hijacking to trick victims into sending costly international texts.
Cybersecurity, Global Security News, malware
New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thusday. “The [Firestarter] malware (…) is relevant for both Cisco Firepower and Secure Firewall devices; however, CISA has only observed a successful implant of the malware in the…
Global Security News
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. […]
AI, Global Security News
The Hunt for Extraterrestrial Life Enters a New Frontier
Scientists are using advanced telescopes, models and AI to help them look for signs of life beyond Earth, including in distant solar systems.
Global Security News, malware
Harvester APT Expands Spying Operations with New GoGra Linux Malware
New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.
AI, Global Security News, Government & Policy
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. […]
AI, Exploits, Global Security News, malware, Network Security, Risk Management
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting a command injection vulnerability, tracked as CVE-2025-29635, in discontinued D-Link routers, Akamai reports. The flaw allows attackers to inject commands because an attacker-controlled value is copied without…
Global Security News
MacOS Native Tools Enable Stealthy Enterprise Attacks
macOS LOTL techniques bypass detection using native tools and metadata abuse
Global Security News
Mustang Panda Hits India and S. Korea with Updated LOTUSLITE Backdoor
Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.
AI, APAC, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security
Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered
Two weeks after researchers using an AI tool discovered a major hole in Apache’s ActiveMQ messaging middleware, there are still thousands of unpatched instances open to the internet, more evidence that many application developers and IT leaders aren’t paying close attention to warnings about vulnerabilities. While the remote code injection vulnerability [CVE-2026-34197] was revealed on…
Cybersecurity, Global Security News
How U.S. Companies Scale Faster with Agile Thinking and Global Talent
Learn how U.S. companies build scalable agile development teams using global talent. Discover strategies for workflows, collaboration, and faster product growth. There’s a difference between moving fast—and staying fast. Many companies launch with speed. Small teams, quick decisions, rapid execution. But as the business grows, that speed often fades. Processes become heavier. Communication slows. Releases…
AI, Cybersecurity, Global Security News
Can You Get Banned for Using Story Viewers?
In this post, I will answer the question – can you get banned for using story viewers? People worry about story viewers for a reason. Instagram makes normal Story views visible to the account owner, warns users to be careful with third party apps and websites, and says data scraping goes against its Terms of…
AI, Global Security News, malware
A .WAV With A Payload, (Tue, Apr 21st)
There have been reports of threat actors using a .wav file as a vector for malware. It’s a proper .wav file, but they didn’t use staganography. The .wav file will play, but you’ll just hear noise: That’s because the TAs have just replaced the bytes that encode the sound with the BASE64 representation of their…
AI, Global Security News
How to spot a North Korean fake in a job interview
North Korean operatives are getting hired at companies by passing job interviews using fake identities and AI tools. In this Help Net Security video, Adrian Cheek, a senior cybercrime researcher at Flare, outlines several ways organizations can catch these attempts before extending an offer. Basic video checks, like asking candidates to move their head or…
AI, Global Security News
Affinda Launches No-code AI Integration Agent, Unlocking Document Automation At Scale
Agent delivers seamless integration in minutes using natural language – enabling high-stakes organisations of all sizes to move faster and tech teams to prove concepts quickly
Endpoint, Global Security News
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint security. […]
AI, Global Security News, privacy
Google wipes out 602 million scam ads with Gemini on duty
Google claims that its security teams work around the clock using its Gemini AI models to detect and stop harmful ads. “Bad actors are using generative AI to create deceptive ads at scale, and Gemini helps us detect and block them in real time” Keerat Sharma, VP and GM, Ads Privacy and Safety, Google, said.…
AI, Global Security News
Google expands Gemini AI use to fight malicious ads on its platform
Google says it is increasingly using its Gemini AI models to detect and block harmful ads on its advertising platforms, as scammers and threat actors continue to evolve their tactics to evade detection. […]
AI, Global Security News, Government & Policy, privacy, Risk Management
Anthropic tests user trust with ID and selfie checks for Claude
Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI race, Anthropic risks undermining its positioning, as competitors such as OpenAI’s ChatGPT and Google’s Gemini do not…
AI, Global Security News, malware
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems.
Global Security News
Try the new Gemini for Home voice assistant
Google is starting the early access rollout of the Gemini for Home voice assistant in Australia. Using Gemini for Home in early access means you’re a crucial part of building it. Please share your feedback, either in the Google Home app or by just saying “Hey Google, send feedback,” as we make regular improvements to help us create a…
Global Security News
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity to trick users into downloading a ZIP archive presented as a “pro version” installer. The…
Exploits, Global Security News
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.
Europe, Global Security News
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
Global Security News
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
AI, Cybersecurity, Global Security News
Common Mistakes to Avoid When Using Walk-Through Metal Detectors
Discover the most common mistakes when using walk-through metal detectors and learn how to improve security, accuracy, and performance with expert tips. In an age where security threats are becoming increasingly sophisticated, walk-through metal detectors have evolved into a frontline defense tool across airports, offices, public venues, and high-security zones. While these systems are designed…
Global Security News
UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data.
Global Security News
New VENOM phishing attacks steal senior executives’ Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called “VENOM” are targeting credentials of C-suite executives across multiple industries. […]
Exploits, Global Security News
Claude Code Can Be Manipulated via CLAUDE.md to Run SQL Injection Attacks
LayerX researchers have discovered how to bypass Claude Code’s safety rules using the CLAUDE.md file. This exploit allows…
Global Security News, malware
New macOS Malware notnullOSX Targets Crypto Wallets Over $10K
macOS Malware notnullOSX targets crypto wallets over $10K, using fake apps, Terminal tricks, and backdoors to steal funds and sensitive data.
Exploits, Global Security News
Hackers exploiting Acrobat Reader zero-day flaw since December
Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. […]
AI, Global Security News
Hackers use pixel-large SVG trick to hide credit card stealer
A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image. […]
AI, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) is running a spear-phishing campaign against Ukraine and its allies, deploying a new malware suite called PRISMEX. Active since September 2025, the campaign uses advanced stealth techniques like steganography and…
AI, Global Security News
Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities
Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software
AI, Global Security News, malware
New ClickFix Attack Uses Node.js Malware via Tor to Steal Crypto
Netskope Threat Labs report a new ClickFix attack using fake CAPTCHAs to deploy Tor-backed NodeJS malware and drain crypto wallets on Windows.
Global Security News, malware
Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware
REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit.
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. Microsoft…
AI, Global Security News
As breakout time accelerates, prevention-first cybersecurity takes center stage
Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy.
AI, Global Security News
Shadow AI in Healthcare is Here to Stay
Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius.
Global Security News
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro. Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,”
AI, APAC, Global Security News
Anthropic cuts OpenClaw access from Claude subscriptions, offers credits to ease transition
Anthropic has blocked paid Claude subscribers from using the widely used open-source AI agent OpenClaw under their existing subscription plans, a move that took effect April 4 and has drawn pushback from subscribers who question both the cost implications and the company’s stated rationale. In an email to subscribers reviewed by InfoWorld, Anthropic said access…
AI, Global Security News, malware
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
Global Security News
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. […]
Global Security News
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. […]
Global Security News
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. “Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Crowdstrike 2026 Global Threat Report: Adversaries Use AI to Bypass Defenses
Attackers are moving faster, blending in better, and increasingly using AI to stay ahead of defenders. The Crowdstrike 2026 Global Threat Report highlights a shift toward stealthy, identity-driven attacks that are harder to detect and quicker to execute. “This is an AI arms race. Breakout time is the clearest signal of how intrusion has changed.…
AI, Compliance, Funding, Global Security News, Government & Policy, Risk Management
House Dems decry confirmed ICE usage of Paragon spyware
Immigration and Customs Enforcement has confirmed it is using Paragon spyware, prompting outrage Thursday from a trio of House Democrats. In response to a letter from the lawmakers inquiring about Paragon’s use, acting ICE Director Todd Lyons wrote that he had authorized the use of “cutting-edge technological tools” to help the Homeland Security Investigations division…
Exploits, Global Security News, malware
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. […]
AI, Data Breaches, Global Security News
Yurei Ransomware Uses Common Tools, Adds Stranger Things References
Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Things–named payloads to breach and encrypt systems.