Criminal IP has integrated its threat intelligence with OpenCTI, enabling security teams to automatically convert IP addresses, domains, and URLs into structured intelligence within the platform’s knowledge graph. The integration automatically enriches…
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security (CCCS) warned on Thursday. [...]
LTM has launched BlueVerse RightLogic, a cybersecurity assessment and risk assurance framework designed to help enterprises identify, assess and remediate cyber exposure as they accelerate AI adoption. AI is now capable of autonomously identifying and…
The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers. The post North Korean Hackers Target Open Source Developers in Supply Chain Attacks appeared…
Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites, exposing new risks for autonomous AI workflows. Zscaler ThreatLabz documented two active campaigns that embed hidden instructions in web pages to manipulate AI…
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code…
Organizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit. The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek .
Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms…
Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web. The post Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments appeared first on SecurityWeek .
A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign,…
runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs can cause memory corruption, crashes, or data leaks via crafted storage. Cybersecurity firm runZero has disclosed seven vulnerabilities in FatFs, a compact open-source library…
The Office of Professional Responsibility has opened more than 100 cases over what ICE officials call “incidents of doxing and threats” against ICE employees.
IWF and NCA warn that growing numbers of images and videos are being manipulated into sexual abuse material
Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a…
Researchers have revealed JadePuffer, the first agentic AI-powered ransomware campaign, highlighting how autonomous agents can automate cyber-attacks
Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher. A newly disclosed Linux kernel vulnerability, named Bad Epoll (CVE-2026-46242), allows a local attacker with no…
Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that's capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a…
Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick…
Your CEO calls about an AI agent security incident in finance. He wants to know whether money moved, whether financial data was exposed, who owned the agent and why it had this level of access. The agent was connected to a spend management application to…
Getting a verified logo to appear next to your email has traditionally meant having to work with two separate entities. You have to work with a DMARC partner for setting up DMARC and BIMI, then use a trusted Certificate Authority (CA) to purchase a Mark…
Plenty of developers now keep several coding agents close at hand, reaching for Claude Code on one task and Codex or Cursor on the next. Each tool arrives with its own command line, its own handling of credentials, and its own way of running shell commands…
Malwarebytes Mobile Security for iPhone combines scam prevention, privacy protection, and identity monitoring in a single app. It evaluates a device’s security posture, provides recommendations to improve protection, and is available for Windows, macOS,…
Payment fraud is becoming more organized as criminal groups use fake websites, large-scale operations, and, in some cases, forced labor to steal money and personal information. Advances in agentic AI could automate many stages of payment fraud, from…
Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million people. Products and operations were unaffected. Medtronic is notifying 3,834,294 individuals after a cyberattack by the ShinyHunters extortion group exposed…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto…
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. [...]
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small…
Noteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting. The post In Other News: Canadian Hacker Jailed, Open…
A new phishing-as-a-service (PhaaS) platform dubbed "ARToken" appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365. [...]
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning
Sysdig reports an AI agent ran a full ransomware attack end-to-end, exploiting flaws, stealing creds, moving laterally, and encrypting data without humans. Sysdig’s Threat Research Team has documented what it assesses to be the first ransomware operation…
Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions. The post Agentic AI Used to Conduct Ransomware Attack via Langflow appeared first on SecurityWeek .
The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system. The post Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution…
Anthropic says Claude Fable 5 won't be accessible via Claude subscriptions after July 7, but it's not a permanent change, and the company expects the model to return outside the usage-based plan soon. [...]
Claude Fable, the company's most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release. [...]
The plan had been due for publication on Monday, the sources said. It has been postponed amid the uncertainty over the governing Labour Party’s leadership contest, which opens July 9.
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ:…
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big…
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Copilot Chat (Basic) license. [...]
Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. [...]
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise environments, the governance model built for humans…
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing…
A complaint unsealed this week accuses a 19-year-old of participating in incidents including a breach of a "luxury-jewelry retailer" in 2025.
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the…
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that…
The new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases”
A researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every festival from Lollapalooza to Bonnaroo—and freely issue any ticket he chose.
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks' Unit 42…
Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to…
This morning, an interesting phishing email hit my mailbox. It targets Metamask[ 1 ], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It's pretty popular, so a…
New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the agent never breaks a rule.…
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code…
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the bypass GuardFall, found it works…
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable…
Hundreds of contractors working on a project for Meta pretended to be kids in order to see how other chatbots like Gemini and ChatGPT would respond to high-risk subjects, WIRED found.
OpenAI is previewing its GPT-5.6 Sol model to a vetted few at the US government's request
Experts warn the Jaguar Land Rover breach bears hallmarks of Kremlin-backed hackers, citing novel ransomware, strategic timing and efforts to obscure attribution
Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing
As UK police embrace the AI revolution, a WIRED investigation reveals the messy inside story of one region’s experiment with predictive analytics.
LayerX tricked AI browsers including ChatGPT Atlas and Comet into bypassing their guardrails
SentinelLabs found a North Korea-linked macOS backdoor using prompt injection on AI triage tools
New ReliaQuest study reveals the six ways AI is practically being used in attacks today
The private events group, cofounded by Peter Thiel, says a “criminal” hacker is behind a breach that exposed members’ personal details. WIRED found no evidence a break-in was needed to access the files.
OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws
The Five Eyes Alliance has published a rare call to action for organizations facing AI threats
Amid concerns about AI models’ cybersecurity capabilities, OpenAI revealed an improved version of GPT-5.5-Cyber and its “Patch the Planet” initiative to fix open-source software bugs.
North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers
From fake tickets to cloned websites, AI is magnifying World Cup scams. Can fans distinguish between what’s real and what’s not?
Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple…
A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos
Analysis of chatter on underground forums by Sophos finds that hackers fear AI could take work away from them
Nisos infiltrated a North Korean IT-worker fraud cell running on AI interviews and a US laptop farm
The rise of AI-assistants and applications in the enterprise has seen a 93% increase in employees attempting to upload sensitive data, bringing security challenges
Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams
SANS Institute study finds few SOCs have built AI into defined workflows, despite widespread adoption
The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.
Athena is a new an industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them
Access to two Anthropic large language models, Mythos 5 and Fable 5, has effectively been banned to any non-US nationals by the Trump administration
Government departments find hundreds of vulnerabilities after testing frontier models
Fake AI guides hide a multi-stage chain that drops AsyncRAT, with signs of AI-assisted coding
Organizations are aware of the challenges that new technologies like AI bring: but cybersecurity staff struggle to make time for the required training during working hours
Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by…
Anthropic unveils Claude Mythos 5 and Fable 5, a restricted-access frontier AI model and guardrailed version for everyone to use
Most dev teams use AI coding assistants but only 30% have full governance in place
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft
At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals
Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era
Trump's executive order invites voluntary pre-release review of frontier AI models
Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck
The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say
Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools
Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe Slowik
Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI…
Top cybersecurity vendors said AI won't replace entry-level – only routine ticket-taking and triage
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain
OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator
GCHQ director urges urgent business cyber action as AI and quantum reshape the threat
UK firms plan higher cyber spending as AI adoption raises security concerns
CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets
AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers
AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software
Digital.ai data reveals 87% of apps were attacked over the past year
The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks
The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience
Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure
The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks
The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains
UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry
With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up
HiddenLayer reveals infostealer malware in a Hugging Face repository
Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2
Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security
Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack
Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading
ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use
OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required
A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI
Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise
Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets
<div class="SCXW131754345 BCX8"> <div class="OutlineElement Ltr SCXW131754345 BCX8"> <h2><a class="c-button c-button--on-dark"…
<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <th>Title</th> <td>Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure</td> </tr> <tr> <th>Original Publication</th> <td>April 7,…
<h2><strong>Summary</strong></h2> <p><strong>Note:</strong> This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet <a…
<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <td>Executive Summary</td> <td>CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity…
<h2><strong>Executive summary</strong></h2> <p>People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military…
<h2><strong>Executive Summary</strong></h2> <p>This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination,…
2.5 million people were affected, in a breach that could spell more trouble down the line.
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
🔍 No articles match your search.