researchers

Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers

AndyC 12 November 2025

Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking...

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

AndyC 11 November 2025

Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style...

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

AndyC 11 November 2025

Nov 10, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have disclosed a new set of three extensions associated with the...

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

AndyC 8 November 2025

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be...

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

AndyC 6 November 2025

Nov 05, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial...

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

AndyC 5 November 2025

Nov 04, 2025Ravie Lakshmanan Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed...

OpenAI spends even more money it doesn’t have

Anthropic experiments with AI introspection

AndyC 4 November 2025

However, this ability to introspect is limited and “highly unreliable,” the Anthropic researchers emphasize. Models (at least for now) still...

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

AndyC 4 November 2025

Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry...

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

AndyC 4 November 2025

Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive...

BRONZE BUTLER exploits Japanese asset management software vulnerability

AndyC 31 October 2025

In mid-2025, Counter Threat Unit™ (CTU) researchers observed a sophisticated BRONZE BUTLER campaign that exploited a zero-day vulnerability in Motex...

Threat Actors Weaponizing Open Source AdaptixC2 Tied to Russian Underworld

AndyC 31 October 2025

Threat researchers with cybersecurity firm Silent Push are linking bad actors with heavy ties to the Russian underworld to...

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

AndyC 31 October 2025

Oct 30, 2025Ravie LakshmananDevSecOps / Software Security Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting...

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

AndyC 30 October 2025

Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code execution vulnerability (CVE-2025-59287) in Microsoft’s Windows Server Update...

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

AndyC 30 October 2025

Oct 29, 2025Ravie LakshmananVulnerability / Internet of Things Cybersecurity researchers are calling attention to a spike in automated attacks targeting...

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

AndyC 30 October 2025

Oct 29, 2025Ravie LakshmananMachine Learning / AI Safety Cybersecurity researchers have flagged a new security issue in agentic web browsers...

researchers

Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Anthropic experiments with AI introspection

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

BRONZE BUTLER exploits Japanese asset management software vulnerability

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

The Power of Large Language Models for Cybersecurity

Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students

How To Spot Health Insurance Scams This Open Enrollment Season

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed