Cybersecurity

624 articles in this category (Page 11 of 26)

AI News | Malware | Cybersecurity

Complex VoidLink Linux Malware Created by AI

Researchers discovered VoidLink, a sophisticated Linux malware framework built almost entirely by AI, signaling a new era of rapid, high-complexity attacks.

AI News | Cybersecurity | Malware

‘Contagious Interview’ Attack Now Delivers Backdoor Via VS Code

North Korean threat actors are exploiting Visual Studio Code to deliver a JavaScript backdoor, enabling remote code execution with no user interaction.

AI News | Cybersecurity | Vulnerability Management

Exposure Assessment Platforms Signal a Shift in Focus

Gartner introduces Exposure Assessment Platforms, showing 74% of vulnerabilities are dead ends and projecting 30% less downtime by 2027.

AI News | Cybersecurity | Malware

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers are exploiting Visual Studio Code task files in fake job projects to deploy backdoors and crypto miners, demonstrating a sophisticated evolution in attack tactics.

AI News | Cybersecurity | Threat Intelligence

North Korean PurpleBravo Campaign Targeted 3,136 IPs via Fake Job Interviews

North Korean PurpleBravo hackers targeted 3,136 IP addresses and 20 companies with malicious VS Code projects and BeaverTail malware.

AI News | Cybersecurity | Malware

VoidLink: AI-Assisted Linux Malware Framework Reaches 88,000 Lines of Code

The VoidLink Linux malware framework was largely built using AI assistance, reaching 88,000 lines of code in just weeks, demonstrating accelerated malware development.

AI News | Cybersecurity | Business

AI Powers MSSP Margin Gains, Reduces Staffing Needs

AI is enabling Managed Security Service Providers (MSSPs) to achieve double-digit margin gains and deliver CISO-level services without increasing headcount.

AI News | Cybersecurity | Cloud Security

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare patched an ACME HTTP-01 validation flaw that disabled WAF protections and let unauthorized requests reach origin servers.

AI News | Cybersecurity | Malware

‘CrashFix’ Scam Crashes Browsers, Delivers Malware

The 'CrashFix' scam utilizes a malicious browser extension, intentional crashes, and a Python-based RAT to compromise systems, targeting both home users and corporate networks.

AI News | Cybersecurity | Malware

Evelyn Stealer Malware Abuses VS Code Extensions

Evelyn Stealer malware compromises developers by exploiting VS Code extensions, resulting in theft of credentials, browser data, and cryptocurrency wallets.

AI News | Cybersecurity | Malware

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

A new LinkedIn phishing campaign delivers a remote access trojan (RAT) via DLL sideloading, exploiting trusted software and bypassing traditional security measures.

AI News | Cybersecurity | Cloud Security

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers discovered critical vulnerabilities in Model Context Protocol (MCP) servers, potentially leading to remote code execution and cloud account takeovers.

AI News | Cybersecurity | Email Security

Zendesk Instances Leveraged in Mass Spam Campaigns

Recent spam attacks originating from legitimate Zendesk instances have impacted users, with one report citing over 800 spam emails bypassing iCloud filters.

AI News | Cybersecurity | Software Vulnerability

Anthropic MCP Git Server Vulnerabilities Enable RCE via Prompt Injection

Three vulnerabilities in Anthropic’s MCP Git server allow remote code execution (RCE) through prompt injection attacks.

AI News | Cybersecurity | DevSecOps

Why Secrets in JavaScript Bundles are Still Being Missed

Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, highlighting shortcomings in current SAST and DAST practices.

AI News | Cybersecurity | Healthcare

ChatGPT Health Raises Big Security, Safety Concerns

OpenAI's ChatGPT Health promises secure data handling, but raises significant questions regarding user privacy and potential for inaccurate health advice.

AI News | Cybersecurity | Prompt Injection

Google Gemini Prompt Injection Exposes Calendar Data via Malicious Invites

A recent vulnerability in Google Gemini allowed unauthorized access to private Google Calendar data through a cleverly disguised prompt injection attack.

AI News | Cybersecurity | Hardware

New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

StackWarp allows privileged hosts to execute code inside AMD SEV-SNP confidential VMs, impacting Zen 1–5 processors.

AI News | Cybersecurity | Malware

StealC Malware Panel Vulnerability Exposed Threat Actor Operations

Researchers exploited an XSS flaw in the StealC malware panel to monitor a threat actor’s operations, stealing over 30 million cookies and 390,000 passwords.

AI News | Cybersecurity | Threat Intelligence

Fortinet Exploits, AI-Powered Attacks & Emerging Malware Dominate Recent Cybersecurity Landscape

This week’s recap highlights a critical Fortinet vulnerability and the rise of sophisticated attacks leveraging AI and evolving malware frameworks.

AI News | Cybersecurity | FinTech

SAFEGUARD RECOVERY EXPERT: Crypto Asset Recovery Service

One investor recovered $278,000 in cryptocurrency lost to fraudulent brokers using a specialized recovery service.

AI News | Cybersecurity | AI Applications

AI System Reduces Attack Reconstruction Time From Weeks to Hours

PNNL’s ALOHA system leverages AI to reduce attack reconstruction time from weeks to hours, accelerating threat emulation and defense.

AI News | Cybersecurity | Threat Intelligence

China-Linked APT Exploits Sitecore Zero-Day in Critical Infrastructure Intrusions

Cisco Talos reports China-linked APT UAT-8837 leveraging a Sitecore zero-day (CVE-2025-53690, CVSS 9.0) against North American critical infrastructure.

AI News | Cybersecurity | Vulnerability

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco addressed CVE-2025-20393, a critical 10.0 CVSS zero-day RCE flaw in AsyncOS, exploited by the China-linked UAT-9686 APT group.
