Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Ravie LakshmananMay 01, 2026Malware / Social Engineering Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid,...
researchers
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and...
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Ravie LakshmananApr 30, 2026Cloud Security / Threat Intelligence Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called...
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Ravie LakshmananApr 30, 2026Linux / Vulnerability Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that...
Researchers built a chatbot that only knows the world before 1931
The post Researchers built a chatbot that only knows the world before 1931 appeared first on Malwarebytes. The internet’s chatbots...
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Ravie LakshmananApr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack...
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project...
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
The Hacker NewsApr 29, 2026Artificial Intelligence / Exposure Validation In February 2026, researchers uncovered a shift that completely changed the...
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Ravie LakshmananApr 28, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Ravie LakshmananApr 27, 2026Malware / Software Supply Chain Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code)...
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users...
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's...
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in...
