Russia-linked UAC-0050 targeted a European financial institution using a spoofed Ukrainian domain to deploy RMS remote access malware.

Identity risk escalates when control gaps, hygiene failures, impact, and intent align, forming toxic combinations that drive real breaches ...

Lazarus Group used Medusa ransomware in Middle East and U.S. healthcare attacks, with average $260,000 demands and 366 claimed incidents.

UnsolicitedBooker targets Central Asian telecoms with LuciDoor and MarsSnake, while PseudoSticky and Cloud Atlas hit Russia.

The campaigns detailed by AI upstart entail the use of fraudulent accounts and commercial proxy services to access Claude at scale while avoiding detection. Anthropic said it was able to attribute ...

MuddyWater’s Operation Olalampo targets MENA with GhostFetch, CHAR, HTTP_VIP, and AI-assisted malware since Jan 26, 2026.

AI attackers exploit Microsoft 365 misconfigurations at scale, with 13M phishing emails blocked in October 2025.

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.

Exposed endpoints quietly expand attack surfaces across LLM infrastructure. Learn why endpoint privilege management is important to AI security.

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

AI-augmented actor breached 600+ FortiGate devices in 55 countries using weak credentials and exposed ports, Amazon reports.

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.