-
As in the wider world, AI is not quite living up to the hype in the cyber underground. But it’s definitely helping low-level cybercriminals do competent work. Read More
-
It’s the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections. Read More
-
Cyberattackers are integrating large language models (LLMs) into malware, running prompts at runtime to evade detection and augment their code on demand. Read More
-
New research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures. Read More
-
The actor behind the “Contagious Interview” campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users. Read More
-
New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code. Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files on these sites, uncovering thousands of…
-
State-linked hackers stayed under the radar by using a variety of commercial cloud services for command-and-control communications. Read More
-
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers. Read More
-
This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said. Read More
-
Advancements in vision language models expanded models reasoning capabilities to help protect employee safety. Read More