#ai-threat-actors
#ai-threat-actors

Remote teams

OPM seeks cybersecurity talent to join Tech Force

Privacy technologies

fromYahoo Tech

3 days ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

fromFast Company

19 hours ago

Why the Iran cyberattack everyone warned about hasn't really happened yet

Iran-linked hackers have conducted minor cyberattacks in the U.S. but have focused on other regions with more significant incursions.

more#cybersecurity

fromElectronic Frontier Foundation

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly.

Roam Research

SOMA, SF

fromKqed

39 minutes ago

DOJ: Man Who Attacked Sam Altman's House Threatened to Kill Other Tech CEOs | KQED

A Texas man faces charges for attempted murder of OpenAI CEO Sam Altman after violent attacks at his home and company headquarters.

Privacy professionals

37 minutes ago

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

EU data protection

fromComputerWeekly.com

17 hours ago

UK reliance on US big tech companies is 'national security risk', claims report | Computer Weekly

The UK is at risk due to over-reliance on US tech companies for critical infrastructure, impacting national security.

Digital life

fromwww.dw.com

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromFinbold

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

fromBitcoin Magazine

22 hours ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

Cryptocurrency

fromnews.bitcoin.com

23 hours ago

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromFinbold

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

fromBitcoin Magazine

22 hours ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

US news

How AI is getting better at finding security holes

Artificial intelligence

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Information security

Runtime security becomes critical as AI accelerates threats

Information security

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.

4 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromwww.npr.org

3 days ago

US news

How AI is getting better at finding security holes

Artificial intelligence

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.

4 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

Cryptocurrency

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

fromwww.businessinsider.com

3 hours ago

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

Privacy professionals

Suspect in Molotov attack on Sam Altman's home linked to AI Discord server

A 20-year-old suspect was arrested for a Molotov cocktail attack on Sam Altman's home, linked to a Discord server critical of AI development.

5 hours ago

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus has reinstated its global fraud engine, shifting its focus toward emerging markets while maintaining a persistent threat to Western enterprise assets.

Information security

DevOps

2 weeks ago

Documentation can contain malicious instructions for agents

Context Hub may enhance API usage but poses risks of software supply chain attacks through unverified documentation.

#phishing

6 hours ago

Information security

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

6 hours ago

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

Privacy professionals

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

#malware

Information security

Fake Claude Website Distributes PlugX RAT

Information security

Fake Linux Foundation leader using Slack to phish devs

Information security

Sophisticated CrystalX RAT Emerges

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

7 hours ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

APT37 employs social engineering on Facebook to deliver RokRAT via a compromised PDF viewer.

48 minutes ago

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

A new ad fraud scheme uses SEO techniques and AI-generated content to deceive users into enabling browser notifications for scams.

Artificial intelligence

fromFuturism

1 month ago

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

JanelaRAT malware targets financial institutions in Latin America, stealing sensitive data and employing advanced infection techniques.

fromInfoQ

16 hours ago

New Rowhammer Attacks on NVIDIA GPUs Enable Full System Takeover

New Rowhammer attacks target NVIDIA GPUs, escalating from memory corruption to full system compromise, highlighting significant hardware security risks.

Cisco aims to make AI agents safer with proposed acquisition of Astrix

Cisco is pursuing an acquisition of Astrix Security to enhance its AI security capabilities.

3 days ago

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

4 days ago

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

fromTechRepublic

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Contagious Interview campaign targets Go, Rust, and PHP ecosystems with malicious packages that function as malware loaders.

fromWIRED

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Russian government hackers broke into thousands of home routers to steal passwords | TechCrunch

Russian hackers hijacked thousands of routers globally to redirect internet traffic and steal passwords and access tokens.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

2 weeks ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.