Anthropic’s Claude Code AI assistant performed 80% to 90% of the tasks involved in a recent cyber-attack campaign, said Anthropic researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code
Category: EN
Formbook Malware Campaign Uses Malicious ZIP Files and Layered Scripting Techniques
A new campaign leveraging Formbook malware has emerged, showcasing sophisticated multi-stage infection tactics that underscore the importance of analyzing more than just executable files during malware investigations. When teaching malware reverse-engineering in courses like SANS FOR610, it’s critical to addressed…
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors
The Washington Post has publicly disclosed a significant data breach involving external hacking of its Oracle E-Suite system, impacting over 9,700 employees and contractors worldwide. The breach notification, filed with Maine’s Attorney General, reveals the incident occurred on July 10,…
Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years
Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages published across at least eleven user accounts over almost two years.…
Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands
Cisco has released security updates to address two critical vulnerabilities in Unified Contact Center Express (Unified CCX) that could allow unauthenticated attackers to execute arbitrary commands with root privileges and bypass authentication mechanisms. The flaws, tracked as CVE-2025-20354 and CVE-2025-20358,…
Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based data exfiltration. The kit targets explicitly Aruba S.p.A., an Italian IT services provider serving over 5.4 million…
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date. 1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure. 14 new ransomware brands launched this…
The Future of Passwords: Kill Them in the Flow, Keep Them in the Constitution
Passkeys beat passwords in security and usability, but recovery gaps create new risks. Explore why digital identity still needs a constitutional backstop beyond passkeys. The post The Future of Passwords: Kill Them in the Flow, Keep Them in the Constitution appeared first on Security Boulevard. This article has been indexed from Security Boulevard…
Akira Ransomware Haul Surpasses $244M in Illicit Proceeds
Akira ransomware has extorted $244M since September 2025, with some attacks exfiltrating data in just two hours, a joint cybersecurity advisory warns This article has been indexed from www.infosecurity-magazine.com Read the original article: Akira Ransomware Haul Surpasses $244M in Illicit…
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion…
Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign
A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign. The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb WAF that could allow an attacker to take over admin accounts and completely compromise a device. “The watchTowr team is seeing active, indiscriminate in-the-wild exploitation of…
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a “highly sophisticated espionage campaign” in mid-September 2025. “The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree –…
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs
Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems…
Security Degradation in AI-Generated Code: A Threat Vector CISOs Can’t Ignore
A new study shows LLMs introduce more vulnerabilities with each code iteration, highlighting critical risks for CISOs and the need for skilled human oversight. The post Security Degradation in AI-Generated Code: A Threat Vector CISOs Can’t Ignore appeared first on…
Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments
In August 2025, a new ransomware threat emerged with capabilities that fundamentally changed how organizations should approach enterprise security. Kraken, a Russian-speaking cybercriminal group, began executing sophisticated attacks targeting large organizations across multiple continents. What makes Kraken particularly dangerous is…
Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied to CVE-2025-61882, marks another high-profile victim in Cl0P’s relentless assault on organizations using…
Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover
A deceptive Chrome extension named Safery: Ethereum Wallet has emerged as a serious threat to cryptocurrency users. Published on the Chrome Web Store on November 12, 2024, this extension masquerades as a secure Ethereum wallet while secretly stealing user seed…
Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks
A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched by CloudLinux, allows attackers to execute arbitrary commands and potentially take complete…
Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers. The post Imunify360 Vulnerability Could Expose Millions of Sites to Hacking appeared first on SecurityWeek. This article has been indexed from…