Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Learn how malicious AI agent skills easily bypass static scanners. Discover how runtime checking secures tools like Claude ...
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Building on the urgency outlined in the first article, this second piece - “25 Years of Evolving Battlefields: How Innovation Shapes Cyber Threats and Security” - examines the evolution of ...
Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate developer API keys. The operation targets software engineering teams ...
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
A fake Bithumb email used in the $36 million Humanity Protocol hack points to the involvement of North Korean threat actors, according to Quantstamp. A malicious attachment delivered through a ...