A new macOS stealer, tracked as Gaslight and attributed to North Korean operators, demonstrates a worrying evolution in malware design: deliberate prompt-injection to mislead AI-driven security tools. Gaslight arrives as a standalone Mach-O executable commonly luring macOS users with faux…
Tag: EN
SSH Attackers Use Single Exec Commands to Bypass Interactive Honeypot Analysis
SSH attackers are increasingly abusing single non-interactive exec commands over SSH to bypass traditional honeypot analysis, effectively turning post-authentication activity into short, automated probes rather than interactive shell sessions that deception systems were designed to study. Recent measurements on eleven…
FatFs Vulnerabilities Let Attackers Execute Code via Crafted USB and SD Card Images
A newly disclosed set of vulnerabilities in the widely used FatFs file system library is raising significant concerns across the embedded systems ecosystem. Researchers are warning that specially crafted USB drives and SD card images can trigger memory corruption and,…
OAuth, guest accounts, and weak MFA drive SaaS risk
Organizations often create guest accounts to give contractors, suppliers, and partners temporary access to files and SaaS applications. Many of these accounts remain active long after they are needed, creating overlooked access paths to corporate data. Guest accounts accounted for…
Flipper Zero firmware development gets a fresh set of community rules
Owners of the Flipper Zero, the pocket-sized wireless testing tool, spent recent weeks worried that its official firmware had gone quiet. Pavel Zhovner, CEO of Flipper Devices, moved to settle that concern with word that the company has set aside…
Product showcase: Is that text a scam? Malwarebytes Mobile Security can help you find out
Malwarebytes Mobile Security for iPhone combines scam prevention, privacy protection, and identity monitoring in a single app. It evaluates a device’s security posture, provides recommendations to improve protection, and is available for Windows, macOS, Android, iOS, and ChromeOS. Installation and…
AI Red Teaming Explained: How to Test LLMs for Vulnerabilities (2026)
By HOC Team | Last updated: July 2026 | Read time: ~22 min Every major organisation deploying AI… The post AI Red Teaming Explained: How to Test LLMs for Vulnerabilities (2026) appeared first on Hackers Online Club. This article has…
The future of payment fraud could be automated
Payment fraud is becoming more organized as criminal groups use fake websites, large-scale operations, and, in some cases, forced labor to steal money and personal information. Advances in agentic AI could automate many stages of payment fraud, from collecting and…
AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted
AI-Run Ransomware, New Oracle 9.8 Flaw Exploited, NetNut Proxy Network Busted, and Pegasus Hits EU Spyware Investigator This episode covers researchers’ report of “Jade Puffer,” the first ransomware attack run end-to-end by an autonomous AI agent, which exploited a…
New ClamAV security patch closes seven scanner bugs dating back two decades
Open source antivirus scanning sits inside mail gateways, file upload checks, and endpoint tooling at organizations of every size. Much of that work runs through ClamAV, the scanning engine maintained by Cisco’s Talos group. The project released two patch versions,…
Medtronic Notifies 3.8 Million After ShinyHunters Data Breach
Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million people. Products and operations were unaffected. Medtronic is notifying 3,834,294 individuals after a cyberattack by the ShinyHunters extortion group exposed personal and medical information. In…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer Building a CI/CD…
T3MP3ST Security Framework With 35 Tools, Turns AI Coding Agents Into 0-Day Bug Hunters
A newly released open-source security framework called T3MP3ST is turning general-purpose AI coding agents like Claude Code, OpenAI’s Codex, and Hermes into autonomous red-teaming operators without requiring new API keys, cloud infrastructure, or additional billing. Built by researcher elder-plinius, T3MP3ST…
Cyber Security News Bulletin Weekly – Mythos is Back, WhatsApp Username, Kali Linux 2026.2, +20 Stories
This week’s roundup covers a major AI security model redeployment, several critical RCE vulnerabilities across popular tools, a landmark WhatsApp privacy update, and the latest Kali Linux release. Anthropic Confirms Claude Mythos 5 Redeployment Anthropic’s most powerful AI cybersecurity model…
Flipper Zero Firmware Development Continues With New Community Contribution Rules
Flipper Devices has responded to intense community backlash over perceptions that it had abandoned active development of the Flipper Zero firmware. In a statement addressing the controversy, the company announced it will allocate dedicated resources to firmware maintenance while overhauling…
T3MP3ST Security Framework Turns AI Coding Agents Into 0-Day Bug Hunters
A newly released open-source security framework called T3MP3ST is turning general-purpose AI coding agents like Claude Code, OpenAI’s Codex, and Hermes into autonomous red-teaming operators without requiring new API keys, cloud infrastructure, or additional billing. Built by researcher elder-plinius, T3MP3ST…
AI-Powered Antivirus: How Next-Gen Software Predicts and Stops Threats
Antivirus software has undergone a profound transformation, shifting from reactive signature matching to proactive behavior prediction. Where traditional tools once relied on databases of known malware fingerprints, modern solutions now leverage machine learning, behavioral analysis, and real-time monitoring to…
North Korean PolinRider Campaign Spreads Malicious Packages Across npm, Go, Chrome, and Packagist
North Korean threat actors behind the Contagious Interview campaign have been observed persistently targeting software supply chains by distributing more than 100 malicious packages and browser extensions. Researchers note that the PolinRider campaign is targeting software developers and those…
New Bad Epoll Bug Impacts Android and Linux, Allows Root Access
A recently found Linux kernel vulnerability called ‘Bad Epoll’ (CVE-2026-46242) allows an ordinary person without any special privilege to take complete command of a device as a root. This has impacted Linux systems, Android, and servers, and a patch is…
JadePuffer Uses AI to Streamline End to End Ransomware Operations
Researchers have discovered the first ransomware intrusion conducted almost entirely by an autonomous large language model (LLM) agent, further demonstrating how generative AI and cybercrime are convergent. Sysdig researchers were able to detect the campaign by analyzing an attack…