Attackers behind a self-propagating malware campaign targeting Brazilian financial institutions have accelerated and upgraded their malicious activity, using artificial intelligence (AI) to spawn a ...

A new attempt to influence AI-driven security scanners has been identified in a malicious npm package. The package, eslint-plugin-unicorn-ts-2 version 1.2.1, appeared to be a TypeScript variant of the ...

A coordinated cyber campaign using artificial intelligence to disguise malicious code is targeting researchers, developers ...

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

Fake Windows updates deliver advanced malware hidden inside encrypted PNG images Hackers trick victims with update screens that secretly execute malicious commands Stego Loader reconstructs dangerous ...

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.

The cloud giant has stopped more than 1,800 suspected scammers from the Democratic People's Republic of Korea (DPRK, aka ...

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...

Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.