Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of per...

It was probably inevitable — analysts have spotted the first known ransomware strain powered by artificial intelligence. ESET malware researchers Anton Cherepanov and Peter Strycek discovered the e...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2022-45134 n/a - n/a Mahara...

Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking employees into starting the conversation. What follows are weeks of...

Google’s Threat Intelligence Group is aware of over 700 potentially impacted organizations. The threat actor used a Python tool to automate the data theft process for each targeted organization. Re...

Remy Ra St Felix, 25, was sentenced to an additional six years and ten months last week following an assault on a witness who testified against him in a trial that related to a string of vicious ro...

The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shor...

Qilin ransomware added CBI on its extortion portal on the dark web on August 20, 2025, claiming to have stolen all design projects and threatening to make them public, giving competitors an edge. ...

In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware, and tho...

Zimperium’s zLabs research team has uncovered a new variant of the Hook Android banking trojan, now featuring some of the most advanced capabilities we’ve seen to date. This version introduces: ...

A sophisticated malvertising campaign which sought to deploy a variant of Atomic macOS Stealer (AMOS) has targeted hundreds of organizations. Between June and August 2025, the campaign saw victims ...

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. ...

A sophisticated credential-harvesting campaign has been targeting ScreenConnect cloud administrators for years and may be opening the door to ransomware attacks, researchers at Mimecast said in a b...

A new ClickFix social engineering proof-of-concept attack uses AI summaries to deliver ransomware. Threat monitoring vendor CloudSEK published research today regarding a ClickFix proof-of-concept ...

Australia’s University of Melbourne last year used Wi-Fi location data to identify student protestors. The University used Wi-Fi to identify students who participated in the July 2024 sit-in prote...

Active since 2020, Anatsa allows its operators to take over infected devices and perform fraudulent transactions and other various actions on behalf of their victims. Last year, the trojan was seen...

The real innovation lies hidden from the user. Buried within the email’s source code is text deliberately written in the style of prompts for large language models like ChatGPT or Gemini. This “pro...

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its cr...

In a sweeping INTERPOL-coordinated operation, authorities across Africa have arrested 1,209 cybercriminals targeting nearly 88,000 victims. The crackdown recovered USD 97.4 million and dismantled 1...

Exclusive: A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company. Access Personal Checking Services (APCS) has writ...