A new wave of AI-generated malware is hitting the open-source software ecosystem, and this time, the attacker made a critical mistake that gave researchers a rare inside look at their operation. A malicious package named “mouse5212-super-formatter” was discovered on the npm registry, acting as an in
A new phishing technique called VaultJacking has emerged, and it is raising serious alarms across the cybersecurity community. With just a single captured 6-digit PIN, an attacker can walk away with an entire Google Password Manager vault, including every saved password and passkey stored inside. Th
A new kind of cyberattack is changing how defenders must think about intrusion detection. On May 10, 2026, a threat actor used a large language model (LLM) agent to drive a full post-exploitation chain, starting from an exposed notebook server and ending with an internal database dumped in under two
France-based startup Edamame says its runtime verification platform uses host telemetry and AI analysis to detect coding-agent “intent drift,” secret theft and supply-chain attacks in real time. The post New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails appeared first on Securi
Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate. The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appeared first on SecurityWeek.
Project Lightwell is designed to fix vulnerabilities without breaking what is already in production. The post IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell” appeared first on SecurityWeek.
Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot recommendations. [...]
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across us
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta now - meanwhile som
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not have a CVE identifier
A newly discovered Android banking trojan known as OverlayPhantom is raising concerns among cybersecurity researchers after evidence revealed that the malware is actively targeting banking, financial, and cryptocurrency users across multiple Western countries. The malware campaign, uncovered by Cyb
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropi
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate r
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond conventional search results and increases the visibi
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]
The speech is the latest in a string of warnings from intelligence experts that Russia is stepping up hostile activity in a “gray zone” that falls just below the threshold of war. The post UK Cyberspying Chief Calls AI ‘an Unstoppable Force’ and Warns About Russia appeared first on SecurityWeek.
Novee researchers discovered an account takeover vulnerability in the open source CFP management tool Pretalx. The post Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate appeared first on SecurityWeek.
As the 2026 FIFA World Cup draws closer, cybercriminals are moving fast to cash in on the excitement. Researchers have uncovered a massive fraud operation targeting fans of the world’s biggest football tournament, with over 300 fake domains already live. The operation is sophisticated, well-funded,
A powerful phishing kit known as Tycoon 2FA has been making waves across the cybersecurity world since it first appeared in August 2023. The kit operates as a Phishing-as-a-Service (PhaaS) platform, meaning cybercriminals can rent and deploy it without building anything from scratch. Its primary goa
A new malware campaign is targeting content creators, gamers, and AI enthusiasts by disguising itself as popular software tools like ChatGPT and Claude. The attackers are spreading a dangerous backdoor called DinDoor through fake installers hosted on trusted platforms, catching many users completely