ESET Research has released its H1 2026 Threat Report with statistics from December 2025 through May 2026. ClickFix – a social engineering technique leveraging fake error messages – has expanded into ...
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
The “free” clipboard manager you just downloaded could be doing more than just copying and pasting text. Researchers recently found a new malware called PamStealer disguised as Maccy, a popular ...
Security researchers say an autonomous AI agent carried out a complete ransomware attack, adapting to failures and executing ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Armored Likho, a new APT group using AI-generated malware and the BusySnake Stealer to target government agencies and power ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
The original incomplete DeepSeek sample can be transformed into a fully functional attack with minimal effort,' Check Point researcher tells The Reg ...