GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Ravie LakshmananMar 25, 2026Browser Security / Threat Intelligence Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that...
have
Training effective models without the annotation budget
The problem: human annotation is expensive Ever since BERT, NLP practitioners have enjoyed a golden age of text classification...
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive...
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known...
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Ravie LakshmananMar 23, 2026Cloud Security / DevOps Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy...
EDR killers explained: Beyond the drivers
In recent years, EDR killers have become one of the most commonly seen tools in modern ransomware intrusions: an attacker...
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Ravie LakshmananMar 19, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the...
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
Ravie LakshmananMar 19, 2026Malware / Mobile Security Cybersecurity researchers have disclosed a new Android malware family called Perseus that's being...
How Ceros Gives Security Teams Visibility and Control in Claude Code
Security teams have spent years building identity and access controls for human users and service accounts. But a new category...
Dormant Accounts Leave Manufacturing Orgs Open to Attack
Workers who have been laid off or fired from their jobs often complain mightily that companies treat them like...
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Ravie LakshmananMar 18, 2026Vulnerability / Data Protection Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet...
Encyclopedia Britannica sues OpenAI over AI training
Encyclopedia Britannica and its subsidiary Merriam-Webster have sued OpenAI, claiming the generative AI (genAI) firm used their encyclopedia and dictionary...
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments...
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Ravie LakshmananMar 17, 2026Threat Intelligence / Endpoint Security North Korean threat actors have been observed sending phishing to compromise targets...
Hacked sites deliver Vidar infostealer to Windows users
In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead...
