Security firm Pillar reveals the Chaos Agent in which Hackerbot-Claw, an AI agent, used natural language to compromise major GitHub projects and hijack developer tools. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
Tag: EN
MaaS VIP Keylogger Campaign Uses Steganography to Steal Credentials at Scale
A large-scale spear-phishing campaign distributing a VIP Keylogger variant sold as Malware-as-a-Service (MaaS). The campaign employs steganography, in-memory execution, and modular payload design to evade defenses while harvesting credentials across browsers, email clients, and collaboration tools. Researchers observed fraudulent purchase-order emails that…
Apache ZooKeeper Flaw Exposes Sensitive Data to Attackers
Apache ZooKeeper, a centralized service used for maintaining configuration information and naming in distributed systems, has received critical security updates. The Apache Software Foundation recently addressed two “Important” severity vulnerabilities that could expose sensitive data and allow server impersonation in…
Transparent Tribe’s ‘Vibeware’ Shift Signals Rise of AI-Generated Malware at Industrial Scale
Pakistan-based threat actor APT36, widely known as Transparent Tribe, has shifted away from carefully crafted tools to a new approach called “vibeware” — AI-assisted malware produced in high volumes with little regard for quality. Rather than investing time in one…
Telco Strategies for Consumer Security 2026
As consumer cyber threats continue to evolve – from industrialized scam operations to large-scale abuse of IoT devices – telecom operators are increasingly expected to play… The post Telco Strategies for Consumer Security 2026 appeared first on CUJO AI. This…
Fake Claude Code install pages highlight rise of “InstallFix” attacks
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting it…
TriZetto Provider Solutions Breach Hits 3.4 Million Patients
Billing services provider TriZetto Provider Solutions has begun notifying millions of patients about a data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: TriZetto Provider Solutions Breach Hits 3.4 Million Patients
ClipXDaemon Malware Targets Crypto Users in Linux X11 Sessions
ClipXDaemon is a new Linux malware family that hijacks cryptocurrency clipboard data in X11 sessions, operating fully offline without any command‑and‑control (C2) infrastructure. It reuses a ShadowHS-style loader built with the public bincrypter framework but delivers a completely different, autonomous…
More AI tools, more burnout! New research explains why
Workflows built around multiple AI agents and constant tool switching are adding cognitive strain across large enterprises. A recent Harvard Business Review analysis describes this pattern as “AI brain fry,” a form of mental fatigue tied to intensive use and…
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data. The extensions in question, both originally…
From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence
LLMs can turn CTI narratives into structured intelligence at scale, but speed-accuracy trade-offs demand careful design for operational defense workflows. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light on the…
Cybercrime Group in Vietnam Enables Massive Fraudulent Signups
A wave of fraudulent account registrations to a cybercrime ecosystem operating out of Vietnam. These fake accounts are not just spam; they underpin large-scale financial fraud, phishing, and interpersonal scams that erode trust in online platforms. Attackers scripted mass “puppet”…
Augur lands $15 million funding to strengthen critical infrastructure security
Augur has announced a $15 million seed round led by Plural, with participation from First Kind, SNR, Flix, and Tiny VC. The funding will support the deployment of Augur’s technology as governments, operators, and venue owners across Europe face rising…
Ghanaian Pleads Guilty to Role in $100m Romance Scam
Derrick Van Yeboah admitted he stole over $10m in romance scams as part of crime gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghanaian Pleads Guilty to Role in $100m Romance Scam
Royal Navy races to arm ships against drone threat
Britain’s Ministry of Defence wants a counter-drone system designed, contracted, and delivered within weeks Britain’s Royal Navy is urgently seeking a ship-based counter-drone system and recent world events likely explain why.… This article has been indexed from The Register –…
Managing App Access on Frontline Devices in an Always-On World
Australia’s recent decision to restrict social media access for children under 16 marks one of the most significant digital policy interventions the country has seen in years. The new policy reflects rising concern among policymakers around youth access to social…
112 or 22 to 2: Who Moved the Vulnerability Cheese?
AI can now scan codebases and generate hundreds of potential vulnerabilities in minutes. But when 112 bug reports collapse into 22 confirmed flaws and only two exploitable issues, the real disruption is how AI is reshaping the entire vulnerability lifecycle.…
Optimizely Reports Data Breach Linked to Sophisticated Vishing Incident
In addition to serving as a crossroads of technology, marketing intelligence, and vast networks of corporate data, digital advertising platforms are becoming increasingly attractive targets for cybercriminals seeking an entry point into enterprise infrastructure. Optimizely recently revealed that a…
OpenAI joins the race in AI-assisted code security
OpenAI introduced Codex Security, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities. The launch comes a few weeks after rival Anthropic unveiled its Claude Code Security tool. The feature is available in research preview…
How AI will impact security careers and what leaders should do about it
Security professionals are optimistic about AI’s impact on their careers, but challenges remain. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: How AI will impact security careers and what leaders should do about…