WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...

AI-generated Slopoly malware used in Interlock ransomware attack

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...
BGR

New Windows Malware Impersonates Everyday Apps To Infect Your Computer

Malware has become a prevalent part of the online ecosystem. It's become so bad, in fact, that the FBI has even warned Americans to replace certain wi-fi routers in the past, to help avoid known ...
Computer Weekly

PromptSpy Android malware may exploit Gemini AI

An Android-specific malware targeting mobile device takeover appears to use generative AI (GenAI) services in its execution flows to maintain persistence on the victim’s smartphone, researchers at ...
TechRepublic

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware. The attack relies on compromised websites that ...
Fox News

Android malware hidden in fake antivirus app

If you use an Android phone, this deserves your attention. Cybersecurity researchers warn that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to ...
Dark Reading

Complex VoidLink Linux Malware Created by AI

An advanced cloud-first malware framework targeting Linux systems was created almost entirely by artificial intelligence (AI), a move that signals significant evolution in the use of the technology to ...
Search Engine Land

Inside SearchGuard: How Google detects bots and what the SerpAPI lawsuit reveals

We fully decrypted Google’s SearchGuard anti-bot system, the technology at the center of its recent lawsuit against SerpAPI. After fully deobfuscating the JavaScript code, we now have an unprecedented ...
PC World

Zoom users, beware: These browser extensions are spying on you

PCWorld reports that 18 malicious browser extensions linked to Chinese hacker group DarkSpectre are stealing sensitive Zoom meeting data from users. These dangerous extensions have been downloaded 2.2 ...
PC Magazine

From Firefox Malware to Stolen Pornhub Data: This Week's Security News Is Not Sexy

A wave of recent breaches and malware discoveries shows how easily trusted software and private data can be exploited. I've been writing and editing stories for almost two decades that help people use ...
SiliconANGLE

‘PyStoreRAT’ malware uses fake developer tools on GitHub to infect Windows systems

A new report out today from endpoint security firm Morphisec Inc. details a previously undocumented malware family dubbed “PyStoreRAT” that abuses trusted open-source platforms and Windows scripting ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...