Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure...
researchers
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Ravie LakshmananFeb 26, 2026Malware / Software Security Cybersecurity researchers have disclosed details of a new malicious package discovered on the...
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Ravie LakshmananFeb 25, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial...
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Ravie LakshmananFeb 25, 2026Cybersecurity / Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET...
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a...
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster...
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Ravie LakshmananFeb 20, 2026Malware / Threat Intelligence Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised...
PromptSpy ushers in the era of Android threats using GenAI
ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine...
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI)...
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Ravie LakshmananFeb 19, 2026Banking Malware / Mobile Security Cybersecurity researchers have disclosed details of a new Android trojan called Massiv...
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct...
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an...
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Ravie LakshmananFeb 18, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio...
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Ravie LakshmananFeb 17, 2026Malware / Artificial Intelligence Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing...
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Ravie LakshmananFeb 17, 2026Infostealer / Artificial Intelligence Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing...
