This week’s ThreatsDay Bulletin covers spyware-laced game cheats, fake installers, infostealer, ransomware, phishing kits, ...
One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices ...
A financially motivated Russian threat actor tracked as UAT-11795 is using trojanized software to steal credentials and ...
OpenAI has built an LLM super-hacker called GPT-Red that it uses as a sparring partner to help its other models boost their ...
A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to ...
By some benchmarks, Julia code can run 10X to 1,000X faster than Python—but there’s a reason it’s not a very popular ...
Researchers say popular AI tools have reportedly been misused by terrorist groups despite built-in safeguards, highlighting ...
An exposed WP-SHELLSTORM server revealed tools, logs, cloud credentials, and thousands of webshells used in a large website ...
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could ...
A new attack technique dubbed HalluSquatting turns AI assistants’ tendency to hallucinate into a scalable infection vector.
AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
Indirect prompt injection attacks are now draining cryptocurrency from AI agents in production. Zscaler ThreatLabz documented ...