A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim ...

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection ...

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite ...

Cryptocurrency developers have become the focus of a new macOS-focused cyber campaign that uses fake recruiter approaches, malicious meeting links and compromised software pipelines to steal digital ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

A recently disclosed security flaw could turn 7-Zip into a powerful tool for cybercriminals seeking to spread malware online and compromise large numbers of PCs. The ...

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.

Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

In collaboration with Google and the Shadowserver Foundation, CrowdStrike Counter Adversary Operations team struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing ...