Pakistan-Linked Hackers Turn to AI to Produce Large Volumes of Malware A cyber-espionage group believed to be aligned with Pakistan, commonly tracked as Transparent Tribe (APT36), has begun using artificial intelligence coding tools to accelerate the development of malware used…
Fake IT Support Calls Used to Deploy Havoc Malware in Targeted Cyber Attacks Security researchers have uncovered a new cyberattack campaign in which attackers pose as IT support staff to trick victims into granting remote access to their systems. Once…
CISA Adds VMware Aria Operations Flaw to Exploited Vulnerabilities List The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a newly discovered security flaw affecting Broadcom VMware Aria Operations, adding the vulnerability to its Known Exploited…
Silver Dragon Hackers Target Governments and Organizations in Global Cyber Espionage Campaign Cybersecurity researchers have uncovered a sophisticated hacking group known as Silver Dragon, which has been carrying out cyber-espionage operations against organizations in Europe and Southeast Asia since at…
Security researchers have uncovered several malicious packages on the Packagist PHP repository that pretend to be useful Laravel development tools but actually install a dangerous remote access trojan (RAT). The infected packages were designed to look like legitimate utilities for…
AI Governance Is Becoming a Priority, But Many Companies Still Don’t Know What to Secure Artificial intelligence is rapidly becoming a core driver of productivity inside modern organizations. From automated research tools to AI-powered coding assistants, businesses are integrating AI…
Cybersecurity researchers have uncovered a powerful exploit framework known as Coruna, also referred to as CryptoWaters, that has been used to attack Apple iPhones running older versions of iOS. According to researchers from the Google Threat Intelligence Group (GTIG), the…
Security researchers have uncovered several serious vulnerabilities in Anthropic’s Claude Code, an AI-powered coding assistant, that could let attackers run commands on a developer’s machine and steal sensitive API credentials. According to findings from Check Point Research, the weaknesses stem…
Google has revealed that it worked alongside industry partners to dismantle the infrastructure of a suspected China-linked cyber espionage group known as UNC2814. The group is believed to have compromised at least 53 organizations in 42 countries, with additional suspected…
⚠️ New Cyber Espionage Operation Targets Organizations Across MENA Security analysts have uncovered a fresh wave of cyberattacks attributed to the Iran-aligned hacking group commonly tracked as MuddyWater. The campaign, dubbed Operation Olalampo, is primarily focused on organizations and individuals…
⚠️ Massive Supply-Chain Attack Targets Developers via Malicious npm Packages Security researchers have uncovered an active software supply-chain campaign spreading through the npm ecosystem that behaves like a self-propagating worm. The operation relies on at least 19 malicious packages designed…
⚠️ Why LLM Infrastructure Is Becoming a Major Security Risk As more organizations deploy their own Large Language Models (LLMs), the real danger is shifting away from the models themselves and toward the systems that surround them. To keep AI…
🛑 Cyber Threat Landscape 2026: Key Findings from New Research A newly released security study examining over 1.1 million malicious files and 15.5 million attack events reveals a major shift in attacker behavior. Roughly four out of five of the…
Researchers from the Chinese Academy of Sciences and Nanyang Technological University have unveiled a new defense system called AURA designed to protect valuable knowledge graphs used in advanced AI applications from theft and misuse. Instead of trying to block attackers…
A powerful new edition of the notorious LockBit ransomware is spreading across corporate networks, posing a serious threat to organizations around the globe. Dubbed LockBit 5.0, the updated strain expands its reach by attacking multiple operating systems, including Windows, Linux,…
Security researchers have uncovered a new social engineering campaign aimed at macOS users that delivers credential-stealing malware through a highly refined version of the ClickFix technique. The operation, dubbed “Matryoshka,” uses multiple layers of hidden code to slip past security…
Security researchers are warning of widespread exploitation targeting a severe remote code execution vulnerability in Ivanti Endpoint Manager Mobile (EPMM). The flaw, identified as CVE-2026-1281, allows attackers to take control of vulnerable systems without authentication and is already being used…
Cybercriminals are exploiting excitement around the Milano Cortina 2026 Winter Olympics by launching dozens of fraudulent online stores designed to steal shoppers’ money, payment details, and personal information. Security researchers warn that the campaign specifically targets fans searching for official…
A newly identified cyber espionage group has launched coordinated attacks against Ukrainian institutions using a previously undocumented malware strain known as CANFAIL, according to security researchers. The activity appears to focus on critical sectors tied to national security and infrastructure.…
Microsoft security researchers have uncovered an advanced evolution of the ClickFix social engineering technique, revealing how attackers are now using DNS requests to secretly pull malicious payloads onto victims’ computers. The new approach reduces reliance on typical web downloads, making…
