#in-memory-malware
#in-memory-malware

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

14 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Defenders are slow in responding to alerts, creating a significant gap in cybersecurity effectiveness against fast-moving threats.

14 hours ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

Silicon Valley

fromWIRED

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

14 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Defenders are slow in responding to alerts, creating a significant gap in cybersecurity effectiveness against fast-moving threats.

more#cybersecurity

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

fromeLearning Industry

Custom AI Governance Services: The Missing Piece In Your L&D Strategy

Many L&D teams adopt AI tools without ensuring fairness, transparency, and accountability in their training programs.

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Marketing tech

fromAdExchanger

16 hours ago

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

more#data-integrity

#data-breach

EU data protection

fromTNW | Data-Security

20 hours ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

fromTechCrunch

13 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

EU data protection

fromTNW | Data-Security

20 hours ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

fromTechCrunch

13 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Building Agent Memory That Survives Between Sessions | Pere Villega

Memory in Claude Code sessions is a design problem requiring deliberate creation of context to avoid repetitive explanations.

Node JS

fromNist

NVD

Axios library versions prior to 1.15.0 are vulnerable to Prototype Pollution, leading to Remote Code Execution and Full Cloud Compromise.

#ai

fromwww.npr.org

US news

How AI is getting better at finding security holes

Information security

Runtime security becomes critical as AI accelerates threats

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromFortune

Artificial intelligence

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromHarvard Business Review

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

fromwww.npr.org

US news

How AI is getting better at finding security holes

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromFortune

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

AI companies face challenges in balancing technology use with government secrecy, highlighted by Anthropic's conflict with the Pentagon.

fromIntelligencer

fromHarvard Business Review

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Apple

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Apple

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

more#apple-intelligence

World news

Microsoft hints at bit bunkers for war zones

Microsoft is redesigning datacenters in conflict-prone regions due to Iranian attacks targeting Middle Eastern facilities linked to US military operations.

fromFuturism

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

#artificial-intelligence

fromwww.bbc.com

23 hours ago

Met looking at using AI to help child abuse cases

The Metropolitan Police is considering using AI to identify victims of online child sexual abuse and categorize imagery by severity.

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

fromwww.bbc.com

23 hours ago

Met looking at using AI to help child abuse cases

The Metropolitan Police is considering using AI to identify victims of online child sexual abuse and categorize imagery by severity.

more#artificial-intelligence

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

Roam Research

fromArs Technica

New Rowhammer attacks give complete control of machines running Nvidia GPUs

Rowhammer attacks on Nvidia GPUs can compromise CPU memory, allowing full control of host machines.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad malware uses ClickFix tactics and AI-assisted obfuscation to evade detection and steal credentials immediately.

18 hours ago

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad malware uses ClickFix tactics and AI-assisted obfuscation to evade detection and steal credentials immediately.

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.

fromTechCrunch

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

fromWIRED

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

6 hours ago

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

JanelaRAT malware targets financial institutions in Latin America, stealing sensitive data and employing advanced infection techniques.

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

18 hours ago

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

16 hours ago

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

more#adobe

fromInfoWorld

3 weeks ago

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

fromInfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

Miscellaneous

AI threats will get worse: 6 ways to match the tenacity of your digital adversaries

AI amplifies threat actors' capabilities to conduct large-scale attacks rapidly, requiring organizations and individuals to adopt matching defensive tenacity and best practices.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

fromSecuritymagazine

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

Science

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

fromTechRepublic

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

fromTechRepublic

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

fromNextgov.com

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

fromDevOps.com

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action - DevOps.com

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

fromSecuritymagazine

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

fromTechRepublic

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

By mid-2026, at least one major global enterprise will fall to a breach caused or significantly advanced by a fully autonomous agentic AI system.

Artificial intelligence

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Information security

The biggest AI threats come from within - 12 ways to defend your organization

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Information security

The biggest AI threats come from within - 12 ways to defend your organization

more#ai-cybersecurity

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

fromEntrepreneur

This AI Security Strategy Is Redefining Cyberattack Recovery

Combining Zero Trust principles with AI enhances resilience, reduces downtime, and maintains strict access controls.

Fake job applications pack malware that disables EDR

Russian cybercriminals target HR teams with malicious CVs disguised as job applications to install malware that disables security tools and steals corporate data.

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.

This new 'sleeperware' doesn't set off alarms or crash your system - it sneaks in and waits

In its annual Red Report, a body of research that analyzes real-world attacker techniques using large-scale attack simulation data, Picus Labs warns cybersecurity professionals that threat actors are rapidly shifting away from ransomware encryption to parasitic "sleeperware" extortion as their means to loot organizations for millions of dollars per attack. Released today and now in its sixth year, the 278-page Red Report gets its name from Picus-organized cybersecurity exercises that take the perspective of the attacker's team, otherwise known as the "red team."

Information security