cyber news

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

Aug 29, 2025Ravie LakshmananMalware / Windows Security Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. “The objective is…

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

Aug 28, 2025Ravie LakshmananMalware / Ransomware Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs…

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide

The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. “While these actors…

Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec

Aug 28, 2025The Hacker NewsCloud Security / Generative AI Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem…

Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them

Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average…

Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. “Malicious…

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing 0K Crypto Transfers and M+ Profits

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

Aug 28, 2025Ravie LakshmananArtificial Intelligence / Malware The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in…

Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks

The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. “Unlike traditional on-premises ransomware, where the threat actor typically deploys malware…

Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model

Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to…

Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors

Aug 27, 2025Ravie LakshmananCyber Attack / Artificial Intelligence Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data…

« Previous
1
…
48
49
50
51
52
…
332
Next »