Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.

APT28’s Operation MacroMaze used macro-laced documents and webhook.site to exfiltrate data across Europe from Sept 2025 to ...

AI attackers exploit Microsoft 365 misconfigurations at scale, with 13M phishing emails blocked in October 2025.

MuddyWater’s Operation Olalampo targets MENA with GhostFetch, CHAR, HTTP_VIP, and AI-assisted malware since Jan 26, 2026.

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Exposed endpoints quietly expand attack surfaces across LLM infrastructure. Learn why endpoint privilege management is important to AI security.

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.

PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based ...

SmartLoader campaign spreading StealC via a trojanized Oura MCP server using fake GitHub forks to steal credentials and ...

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North ...

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...