Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Microsoft Threat Intelligence has tracked a Windows cryptocurrency clipper, dubbed CryptoBandits, that’s been active since February 2026. The malware spreads through booby-trapped USB shortcut files, ...
Key Takeaways by nexos.ai, reviewed by Cybernews staff. According to several cybersecurity firms, the attack began after the npm account of Mastra contributor “ehindero” was compromised. Instead of ...
Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate developer API keys. The operation targets software engineering teams ...
Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give ...
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
There is no indication that the palm biometrics “Proof-of-Trust” nee “Proof-of-Humanity” startup Humanity Protocol uses for identity verification have failed. Instead, the company traces a massive ...
Threat actors have been using short-form videos on TikTok and Instagram Reels to push the Vidar infostealer, disguising the attacks as tutorials for unlocking premium software for free. New analysis ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results