EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.
Hackers posing as Medusa agents tried to lure BBC’s Joe Tidy into facilitating a cyberattack, offering him 15–25% of ransom payouts in exchange for his laptop’s access to the network.
BreachStars emerges as the latest reincarnation of BreachForums, pledging better infrastructure and security. However, rebooting a notorious hacker forum brings old challenges and new vulnerabilities.
Threat actors are increasingly poisoning AI tools and assistants embedding dangerous prompts or corrupting the data they rely on to turn defenses against organizations.
EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.
Hackers posing as Medusa agents tried to lure BBC’s Joe Tidy into facilitating a cyberattack, offering him 15–25% of ransom payouts in exchange for his laptop’s access to the network.
BreachStars emerges as the latest reincarnation of BreachForums, pledging better infrastructure and security. However, rebooting a notorious hacker forum brings old challenges and new vulnerabilities.
Threat actors are increasingly poisoning AI tools and assistants embedding dangerous prompts or corrupting the data they rely on to turn defenses against organizations.
Qualcomm’s Guardian aims to rival Intel vPro with always-on device control via built-in cellular connectivity, but the tradeoff may threaten privacy and trust.
A rapid cascade of cyber events Chrome zero-day, a record DDoS, Cisco IOS exploit, and Kali Linux upgrade highlight how threat activity keeps accelerating.
Trump urged Microsoft to fire Lisa Monaco, its head of global affairs, raising concerns over her revoked security clearance and history in DOJ investigations.
Google’s Project Zero team uncovered a method to bypass ASLR on Apple devices by exploiting NSDictionary’s JSON serialization behavior, potentially weakening memory protections.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
A sophisticated cyber campaign used DLL side‑loading to deliver a hybrid PlugX variant and the Bookworm backdoor to telecom and ASEAN networks, revealing renewed tactics by China‑linked threat actors.
English (United States)
