Security researchers have identified a new malware operation, tracked as SHADOW#REACTOR, that uses a carefully layered infection process to install Remcos RAT, a commercially available remote access trojan widely abused by cybercriminals. The campaign relies on a stealthy, multi-step execution…
A serious security vulnerability has been identified in ServiceNow that affects its AI and virtual agent components, raising concerns about how agentic AI systems can be abused inside enterprise environments. The issue impacts the following ServiceNow components and versions: The…
Threat Intelligence / Identity Security The security world often fixates on what’s new. AI-driven attacks. Post-quantum cryptography. Zero-trust frameworks. Yet when you step back and look at what’s actually working for attackers in 2025, the picture is far less futuristic.…
Artificial Intelligence / Automation Security AI systems have moved far beyond assisting developers with suggestions. Today’s AI agents can write code, execute it, test applications, and deploy updates with little to no human involvement. Platforms such as Copilot, Claude Code,…
Security researchers have uncovered a harmful Google Chrome extension that targets users of MEXC, a centralized cryptocurrency exchange operating in more than 170 countries. The extension pretends to be a trading automation tool but is designed to quietly steal sensitive…
Cybersecurity researchers have uncovered a large-scale web skimming operation that has been running quietly since January 2022. The campaign targets online payment environments connected to major card networks, including American Express, Diners Club, Discover, JCB, Mastercard, and UnionPay. According to…
Cybersecurity is no longer just an IT issue. It is now a boardroom priority, reshaping how businesses plan growth, manage risk, and protect revenue. As companies push deeper into cloud services, remote work, AI tools, and online transactions, cyber threats…
Anthropic has rolled out a new set of health-focused capabilities for its Claude chatbot, giving users tools to better interpret and manage their personal medical information. The update, introduced under a program called Claude for Healthcare, allows U.S.-based subscribers on…
A renewed surge of attacks linked to the GoBruteforcer botnet is actively targeting servers used by cryptocurrency and blockchain projects. The campaign focuses on hijacking poorly secured systems and turning them into part of a distributed botnet used to brute-force…
Security researchers have uncovered a malicious campaign involving fake npm packages designed to impersonate integrations for the n8n workflow automation platform. The goal is simple but dangerous: steal OAuth tokens and sensitive credentials from developers and organizations. Investigators identified at…
European law enforcement authorities have arrested 34 people in Spain over their alleged links to Black Axe, a transnational criminal organization long associated with cyber crime and other serious offenses. Europol said the arrests followed a coordinated operation led by…
An Iranian-linked hacking group known as MuddyWater has been connected to a new spear-phishing operation aimed at organizations in the diplomatic, maritime, financial, and telecommunications sectors across the Middle East. The activity centers on a Rust-based malware implant researchers have…
The Cybersecurity and Infrastructure Security Agency (CISA) has officially closed ten Emergency Directives after determining that required remediation actions have been completed or are now enforced through broader federal vulnerability management policies. The directives, which span incidents and vulnerabilities disclosed…
Trend Micro has rolled out security updates to fix several serious flaws affecting on-premise deployments of Apex Central for Windows. Among them is a critical vulnerability that could allow attackers to execute malicious code with the highest system privileges. The…
As organizations prepare for 2026, cybersecurity predictions are everywhere. But many of these outlooks are shaped by headlines and speculation rather than solid evidence. The real challenge is no longer finding predictions. It is figuring out which ones point to…
Researchers uncovered a phishing setup that relies on a concealed HTML form element containing a webhook[.]site URL. JavaScript embedded in the page quietly sends a “page opened” signal, captures any credentials entered by the victim, and forwards them to the…
If you’re using the @adonisjs/bodyparser npm package, you should update to the latest version. A newly disclosed high-severity vulnerability could allow a remote attacker to write arbitrary files on your server if they can reach a file upload endpoint. The…
n8n recently introduced a task runner-based native Python option to improve security isolation. This feature first appeared in version 1.111.0 as an optional setting and could be turned on using the environment variables N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER. With the release of…
Several popular AI-driven code editors built on Visual Studio Code are raising new supply-chain security concerns after researchers found they recommend extensions that don’t actually exist in the Open VSX registry. The affected tools include VS Code forks such as…
There was a time when identity lived in one place. A single LDAP directory, an HR database, or one IAM portal handled who could access what. That reality is gone. Today, identities are scattered across SaaS platforms, on-prem systems, cloud…
