GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Ravie LakshmananMar 25, 2026Browser Security / Threat Intelligence Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that...
researchers
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive...
What’s coming next for LLMs and AI agents?
There’s history here, too. In 2017, AI researchers came up with the concept of “meta learning,” where AI could search...
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Ravie LakshmananMar 23, 2026Cloud Security / DevOps Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy...
NICKEL ALLEY strategy: Fake it ’til you make it
Counter Threat Unit™ (CTU) researchers continue to investigate trends in Contagious Interview campaign activity conducted by NICKEL ALLEY, a threat...
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Ravie LakshmananMar 19, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the...
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
Ravie LakshmananMar 19, 2026Malware / Mobile Security Cybersecurity researchers have disclosed a new Android malware family called Perseus that's being...
Researchers warn of unpatched, critical Telnetd flaw affecting all versions
Researchers warn of unpatched, critical Telnetd flaw affecting all versions Pierluigi Paganini March 18, 2026 CVE-2026-32746 is a critical flaw...
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Ravie LakshmananMar 18, 2026Vulnerability / Data Protection Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet...
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments...
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how...
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Ravie LakshmananMar 13, 2026Linux / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that...
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Ravie LakshmananMar 12, 2026Malware / Cybercrime Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's...
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Ravie LakshmananMar 12, 2026Artificial Intelligence / Malware Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed...
