Ransomware groups are using "post-quantum" hype to intimidate victims

Kyber, first observed in circulation as early as September, takes its name from the alternate designation of ML-KEM ...
Infosecurity Magazine

Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...

Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation ...

Vercel identifies more accounts affected by security incident

The Vercel cyber attack was more devastating than originally thought.
WeLiveSecurity

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

Fake Google Antigravity Installer Can Steal Accounts in Minutes

Fake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies.
TweakTown

OpenClaw trojan uses AI agents to take control of 28,000 systems

A newly identified OpenClaw Trojan has raised major cybersecurity concerns after reportedly compromising over 28,000 systems ...

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...

Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

Crypto hackers stole $17B over past 10 years: DefiLlama

Crypto hacks stole $17 billion over the past 10 years, driven by private key compromises and phishing attacks as smart contract security improved.

Even trusted apps can spread PC malware now

PCWorld reports that hackers are increasingly compromising legitimate software like Notepad++ and Steam games to distribute ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...