A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open source code, obfuscated Lua stages,…
Algorithmic Circuit Breakers: Engineering Hard Stop Safety Into Autonomous Agent Workflows
Autonomous agents don’t just fail. They persist. They retry, replan, and chain tools until something “works.” That persistence is exactly what makes agents valuable, and exactly what makes them hazardous in production without strict execution controls. Algorithmic circuit breakers (ACBs)…
How AI is being used in dentistry
By 2026, artificial intelligence (AI) is playing a growing role in dentistry across the UK, helping practices improve patient management, treatment planning, and overall care. The rise of AI is supporting everyday tasks such as appointment booking, analysing dental images,…
AI and Chatbots Transforming the Future of Consumer Lending
Artificial intelligence (AI) and chatbot technology are rapidly changing the consumer lending landscape, helping financial institutions deliver faster, more efficient, and more personalised services. New insights from Tata Consultancy Services show that digital innovation is reshaping how loans are applied…
Router Security Hardening Steps for 2026: From Default Credential Audits to Automated Firmware Risk Monitoring
Network edge devices are now among the most targeted entry points in cyberattacks. Recent intelligence shows that threat actors are focusing more on routers, firewalls, and VPN concentrators than on end-user machines, a trend highlighted in multiple 2025 threat intelligence…
Researcher claims Claude Desktop installs “spyware” on macOS
A security researcher claims Claude Desktop installed spyware on his Mac. We examine the findings. This article has been indexed from Malwarebytes Read the original article: Researcher claims Claude Desktop installs “spyware” on macOS
New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention
Dubbed Lotus Wiper, the malware targets recovery mechanisms, overwrites drives, and systematically deletes files. The post New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Unauthorized Users Reportedly Gain Access to Anthropic’s Mythos AI Model
A group of unauthorized users reportedly has gained access to Anthropic’s controversial Claude Mythos Preview AI frontier model despite the AI vendor’s efforts to keep it out of public hands by limiting the organizations that can use it. Bloomberg reported…
French Fintech Accounts Used to Launder Stolen Funds Before Detection
Cybercriminals are turning French freelancer fintech accounts into high-speed money laundering channels, moving stolen funds within minutes often before banks or victims realise anything is wrong. Fintech platforms like Revolut, Wise and N26 allow fast, remote account opening, light-touch digital…
Google unleashes even more AI security agents to fight the baddies
Along with a bunch of new services to make sure those same agents don’t cause chaos Google Cloud chief operating officer Francis deSouza has summed up his company’s security strategy du jour as follows: “You need to use AI to…
Tencent’s QClaw AI agent app arrives on Windows and macOS
Tencent has opened an international beta of QClaw, an AI agent application aimed at consumers in Canada, Japan, Singapore, South Korea, and the United States. The first wave is capped at 20,000 users. Additional markets are scheduled to follow. QClaw…
Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers to bypass firewall detection. MOVEit WAF (web application firewall) is designed to protect Progress’s managed file transfer platform…
Massive SIM Farm-as-a-Service Network Exposes 87 Control Panels Across 17 Countries
A global investigation has uncovered an industrial-scale mobile proxy ecosystem powered by a shared control platform called ProxySmart, with 87 exposed control panels spanning 17 countries and at least 94 physical phone-farm locations enabling large-scale fraud, bot activity, and identity…
Compromised Namastex npm Packages Deliver TeamPCP-Style CanisterWorm Malware
A serious supply chain threat has surfaced in the npm ecosystem. Malicious versions of packages belonging to Namastex.ai have been found carrying CanisterWorm malware, a self-propagating backdoor that mirrors the attack style of the threat actor known as TeamPCP. The…
Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data
Researcher says the missing piece is a governance-driven intelligence layer that turns SBOM and VEX data into explainable security decisions. The post Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data appeared first on SecurityWeek.…
Mirai Botnet Targets Flaw in Discontinued D-Link Routers
The exploitation of the command injection vulnerability started one year after public disclosure and PoC exploit code publication. The post Mirai Botnet Targets Flaw in Discontinued D-Link Routers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
France’s ‘Secure’ ID agency probes breach as crooks claim 19M records
Gov admits ‘incident’ as forum sellers boast of fresh haul covering up to a third of the population France’s National Agency for “Secure” Documents is explaining a potential data spill just as crooks online claim they’ve nicked a third of…
ICE Uses Graphite Spyware
ICE has admitted that it uses spyware from the Israeli company Graphite. This article has been indexed from Schneier on Security Read the original article: ICE Uses Graphite Spyware
Scotland Yard can keep using live facial recognition on Londoners, say judges
Judges say cops face-slurping not a problem under current human rights laws London’s Metropolitan Police Service (MPS) has survived a legal challenge that attempted to curb its rollout of live facial recognition (LFR) technology across the capital.… This article has…
Claude Mythos Finds 271 Firefox Vulnerabilities
All the flaws could have also been found by an elite human researcher, according to Mozilla. The post Claude Mythos Finds 271 Firefox Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Claude…
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat…
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a…
Lotus Wiper Hits Energy Sector in Destructive Cyberattack
Hackers have deployed a new destructive malware, dubbed Lotus Wiper , in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort money but to destroy data and disrupt operations permanently. Artifacts from the Lotus Wiper attack chain…
Evaluating Python libraries reputation and safety
Evaluating Python library safety comes down to a few key dimensions: Check the source and provenance PyPI page: Look at download counts, release history, and whether the project links to a real GitHub/GitLab repo. Author/org reputation: Libraries maintained by well-known…