Skip to content
[email protected] (The Hacker News) Page 21

[email protected] (The Hacker News)

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot… 

Read More »RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

Ravie LakshmananFeb 24, 2026Cyber Espionage / Malware A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling… 

Read More »UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according… 

Read More »Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two… 

Read More »UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Ravie LakshmananFeb 24, 2026Artificial Intelligence / Anthropic Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their… 

Read More »Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
APT28 Targeted European Entities Using Webhook-Based Macro Malware

APT28 Targeted European Entities Using Webhook-Based Macro Malware

Ravie LakshmananFeb 23, 2026Malware / Threat Intelligence The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo’s… 

Read More »APT28 Targeted European Entities Using Webhook-Based Macro Malware
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. “Analysis of the recovered dropper, persistence triggers, and… 

Read More »Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb