Fake OpenClaw npm Package Found Delivering RAT and Data-Stealing Malware Security researchers have uncovered a dangerous npm package posing as an installer for OpenClaw. Instead of installing legitimate software, the package secretly deploys malware designed to steal sensitive information and…
Pakistan-Linked Hackers Turn to AI to Produce Large Volumes of Malware A cyber-espionage group believed to be aligned with Pakistan, commonly tracked as Transparent Tribe (APT36), has begun using artificial intelligence coding tools to accelerate the development of malware used…
Silver Dragon Hackers Target Governments and Organizations in Global Cyber Espionage Campaign Cybersecurity researchers have uncovered a sophisticated hacking group known as Silver Dragon, which has been carrying out cyber-espionage operations against organizations in Europe and Southeast Asia since at…
Security researchers have uncovered several serious vulnerabilities in Anthropic’s Claude Code, an AI-powered coding assistant, that could let attackers run commands on a developer’s machine and steal sensitive API credentials. According to findings from Check Point Research, the weaknesses stem…
⚠️ New Cyber Espionage Operation Targets Organizations Across MENA Security analysts have uncovered a fresh wave of cyberattacks attributed to the Iran-aligned hacking group commonly tracked as MuddyWater. The campaign, dubbed Operation Olalampo, is primarily focused on organizations and individuals…
🛑 Cyber Threat Landscape 2026: Key Findings from New Research A newly released security study examining over 1.1 million malicious files and 15.5 million attack events reveals a major shift in attacker behavior. Roughly four out of five of the…
Microsoft security researchers have uncovered an advanced evolution of the ClickFix social engineering technique, revealing how attackers are now using DNS requests to secretly pull malicious payloads onto victims’ computers. The new approach reduces reliance on typical web downloads, making…
For years, ransomware encryption has been treated as the clearest warning sign of a cyberattack. Locked files, halted operations, public fallout. But new research suggests the industry may be focusing too much on visible damage while a more dangerous shift…
North Korean IT operatives are taking their remote work scams a step further. Instead of relying only on fake profiles, they are now submitting job applications using real LinkedIn accounts stolen or impersonated from legitimate professionals. According to the Security…
Ivanti has released emergency security updates for two critical vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) after confirming the flaws have been exploited in real-world zero-day attacks. One of the vulnerabilities has also been added to the CISA Known Exploited…
