discovered

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

AndyC 31 January 2026

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect...

Read More

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

AndyC 31 January 2026

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between...

Read More

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

AndyC 29 January 2026

Ravie LakshmananJan 28, 2026Supply Chain Security / Malware Cybersecurity researchers have discovered two malicious packages in the Python Package Index...

Read More

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

AndyC 28 January 2026

Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has...

Read More

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

AndyC 27 January 2026

Ravie LakshmananJan 26, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a...

Read More

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

AndyC 27 January 2026

Ravie LakshmananJan 26, 2026AI Security / Vulnerability Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions...

Read More

PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups

PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups

AndyC 27 January 2026

We discovered two threat campaigns that used PeckBirdy in their operations. Based on victimology and the tools, tactics, and procedures...

Read More

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

AndyC 23 January 2026

Ravie LakshmananJan 22, 2026Cryptojacking / Malware A new malicious package discovered in the Python Package Index (PyPI) has been found...

Read More

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

AndyC 22 January 2026

The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person...

Read More

This month in security with Tony Anscombe – January 2026 edition

This month in security with Tony Anscombe – January 2026 edition

AndyC 31 January 2026

The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to...

Read More

DynoWiper update: Technical analysis and attribution

DynoWiper update: Technical analysis and attribution

AndyC 31 January 2026

In this blog post, we provide more technical details related to our previous DynoWiper publication. Key points of the report: ESET researchers identified new data-wiping...

Read More

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

AndyC 29 January 2026

ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as...

Read More

Trending InfoSec News

Drowning in spam or scam emails? Here’s probably why

AndyC 28 January 2026

Digital Security Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem...

Read More

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

AndyC 24 January 2026

ESET Research The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper ESET Research 23 Jan 2026 • , 1 min....

Read More

Children and chatbots: What parents should know

Children and chatbots: What parents should know

AndyC 24 January 2026

Kids Online As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development Phil Muncaster 23...

Read More

AI Didnt Break Cybersecurity

AI Didnt Break Cybersecurity

AndyC 3 February 2026

MoltBot Skills exploited to distribute 400+ malware packages in days

MoltBot Skills exploited to distribute 400+ malware packages in days

AndyC 3 February 2026

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

AndyC 3 February 2026

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

AndyC 3 February 2026

Reorient Your Thinking to Tackle AI Security Risks

What Verified Breach Data Changes About Exposure Monitoring

AndyC 3 February 2026