Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 20...
Key Insights Critical RCE Flaw in Popular AI-powered IDE. Check Point Research uncovered a persistent remote code execution vulnerability in Cursor, a fast-growing AI-powered coding platform trus...
The incident came to light on July 24, when Cisco learned that one of its representatives had been targeted in a vishing attack. The threat actor had managed to access and steal a “subset of basic ...
Key Takeaways Raspberry Robin is an advanced malware downloader that has been active since 2021. The developers have improved the malware’s obfuscation methods by adding multiple initialization lo...
Cybersecurity researchers have uncovered significant overlaps between the attack infrastructure of ShadowSyndicate, also known as Infra Storm by Group-IB, and several prominent ransomware-as-a-serv...
We are observing stealth crawling behavior from Perplexity, an AI-powered answer engine. Although Perplexity initially crawls from their declared user agent, when they are presented with a network ...
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. Nextron Systems secur...
Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons. The browser maker urged devs to “exercise extreme caution and scrutiny” when reviewing seemingly legitim...
The LegalPwn technique works by hiding malicious code within fake legal disclaimers. According to the research, twelve major AI models were tested, and most were found to be susceptible to this for...
Executive Summary SentinelLABS and Beazley Security discovered and analyzed a rapidly evolving series of infostealer campaigns delivering the Python-based PXA Stealer. This discovery showcases a ...
Fingerprinting Malicious Infrastructure The art of fingerprinting adversary infrastructure involves identifying the attributes of an IP address and using them to build up a profile specific to the...
Executive Summary CYFIRMA Threat Intelligence has observed an ongoing malicious campaign leveraging the domain telegrampremium[.]app, which fraudulently mimics the official Telegram Premium platfo...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-32256 undefined - undefinedR...
ChatGPT shared conversations are being indexed by major search engines, effectively turning private exchanges into publicly discoverable content accessible to millions of users worldwide. The issu...
Many hackers are opportunistic and often attempt to exploit security gaps to launch an attack days before a vulnerability is disclosed. According to a new report published on July 31 by GreyNoise,...
Ever look at a bit of Javascript sandboxing code and say to yourself “I know I can probably break out of that”? No? Just me? Must be a security researcher thing. As a hacker, one of the best place...
In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions we...
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor and can be exploited to execute remote code with developer privileges. The se...
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manag...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2013-10034 Kaseya - KServer ...