New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
MIT Technology Review

AI is already making online crimes easier. It could get much worse.

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be ...
The Hacker News

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google finds nation-state hackers abusing Gemini AI for target profiling, phishing kits, malware staging, and model ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...
SecurityWeek

RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India

India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).

DoS and malware attacks possible on IBM App Connect Enterprise

Multiple software vulnerabilities threaten systems with IBM App Connect Enterprise or WebSphere Service Registry and ...

Microsoft warns infostealer malware is 'rapidly expanding beyond traditional Windows-focused campaigns' and targeting Mac devices

Gone are the days when Windows was always the number one target for cybercriminals - as new research has found macOS is ...
SDxCentral

How threat actors are really using AI

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more ...
Security Boulevard

Report: Open Source Malware Instances Increased 73% in 2025

A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 threats discovered. A full 90% of the attacks targeted the software supply chain ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...