DeepSeek LLM jailbreaked to develop malwareAI models can potentially be misused for creating malicious software if prompt techniques are employed effectively.
Malicious extensions in Chrome Web Store affected 3.2 million usersMalicious Chrome extensions compromised millions of users with fraud and security weaknesses.Threat actors accessed developer accounts through phishing, injecting dangerous code into trusted extensions.
Man Installed "Kill Switch" So That If He Was Ever Fired, All Hell Would Break LooseA laid-off software developer caused significant disruption to a company through malicious cyber activities driven by personal grievances.
Developer convicted for "kill switch" code activated upon his terminationA former software developer faces prison for deploying malicious code to sabotage his employer's network.
Urgent warning to Google users after cyberattack targets browserUsers are warned of a cyberattack using fake error messages to trick into installing malicious software, focusing on Google Chrome and Microsoft apps.
Malicious Python Package Index steals Amazon Web Services credentialsA malicious Python package called 'fabrice' has exfiltrated AWS credentials, highlighting the risks of typosquatting in the developer community.
Researcher sniffs out three-year Go supply chain attackA rogue Go package mimicked a legitimate one for years, exposing a vulnerability in the package management system that needs urgent attention.
Malicious extensions in Chrome Web Store affected 3.2 million usersMalicious Chrome extensions compromised millions of users with fraud and security weaknesses.Threat actors accessed developer accounts through phishing, injecting dangerous code into trusted extensions.
Man Installed "Kill Switch" So That If He Was Ever Fired, All Hell Would Break LooseA laid-off software developer caused significant disruption to a company through malicious cyber activities driven by personal grievances.
Developer convicted for "kill switch" code activated upon his terminationA former software developer faces prison for deploying malicious code to sabotage his employer's network.
Urgent warning to Google users after cyberattack targets browserUsers are warned of a cyberattack using fake error messages to trick into installing malicious software, focusing on Google Chrome and Microsoft apps.
Malicious Python Package Index steals Amazon Web Services credentialsA malicious Python package called 'fabrice' has exfiltrated AWS credentials, highlighting the risks of typosquatting in the developer community.
Researcher sniffs out three-year Go supply chain attackA rogue Go package mimicked a legitimate one for years, exposing a vulnerability in the package management system that needs urgent attention.
Malicious package found in the Go ecosystemA backdoored typosquat package was found in the Go ecosystem, highlighting dangers in package integrity.The vulnerability lasted over three years with extensive dependencies affected.
Security leaders respond to a sophisticated SMS stealing campaignSophisticated SMS Stealer campaign discovered by Zimperium, with over 105,000 samples, posing risks of OTP interception, credential theft, and financial fraud.