APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Ravie LakshmananMar 04, 2026Malware / Windows Security Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed...
have
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support...
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor...
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Ravie LakshmananMar 02, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome...
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview...
AI Overviews Rife With Scam Phone Numbers
I have a love/hate relationship with the AI overviews that Google dishes up when I launch a search. On...
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to...
How smart are Agentic AI solutions in managing threats
Have You Fully Addressed the Security of Your Non-Human Identities? When considering the complexities of cybersecurity, one might focus...
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
Ravie LakshmananFeb 27, 2026Malware / Linux Security Cybersecurity researchers have disclosed details of a malicious Go module that's designed to...
Millions at Risk as Android Mental Health Apps Expose Sensitive Data
Image: DragonImages/Envato Millions seeking support may have been left exposed. Popular Android mental health apps with more than 14.7 million...
Claude Code Security: Why the Real Risk Lies Beyond Code
Many cybersecurity professionals have been following Anthropic's announcement about the release of Claude Code Security on Friday. This created...
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure...
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Ravie LakshmananFeb 26, 2026Malware / Software Security Cybersecurity researchers have disclosed details of a new malicious package discovered on the...
ShinyHunters Leak 12.4 Million CarGurus Records in Massive Data Dump
Image: MargJohnsonVA/Envato Millions of CarGurus users may have had their personal and financial data exposed after a notorious threat actor...
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Ravie LakshmananFeb 25, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial...