The number of AI-enabled cyber-attacks has nearly doubled during the last year, CrowdStrike has warned, as threat actors deployed machine learning and Large Language Models (LLMs) to help optimize attack techniques and hacking campaigns. According to the CrowdStrike Global Threat… Read More "AI-powered Cyber-Attacks Up Significantly, Warns CrowdStrike"
A new wave of cyber-attacks using Medusa ransomware has been linked to North Korean state-backed hackers, who continue to target the US healthcare sector despite recent indictments. Researchers from the Symantec and Carbon Black Threat Hunter Team said the attackers deployed… Read More "North Korean Lazarus Group Expands Ransomware Activity With Medusa"
Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by… Read More "Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks"
“Code security is a vital piece of a cybersecurity program and overall tech stack, but far from the only one” Justin Greis, CEO of consulting firm Acceligence pointed out. “There’s no doubt that improving code security and enhancing the Secure… Read More "Anthropic’s Claude Code Security rollout is an industry wakeup call"
AI is helping threat actors to accelerate attacks, but it can also empower incident responders to quickly contain threats, ReliaQuest has claimed in a new report. The firm’s Annual Cyber-Threat Report 2026 is based on an analysis of customer incidents. It… Read More "AI Accelerates Attacker Breakout Time to Just Four Minutes"
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created… Read More "Identity Prioritization isn’t a Backlog Problem"
A massive Shai-Hulud-style npm supply chain worm is hitting the software ecosystem, burrowing through developer machines, CI pipelines, and AI coding tools. Socket researchers uncovered the active attack campaign and called it SANDWORM_MODE, derived from the “SANDWORM_*” environment variable switches… Read More "Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools"
Generative AI firm Anthropic said three Chinese AI companies have generated millions of queries with the Claude large language model (LLM) in order to copy the model – a technique called ‘model distillation attack.’ In a new blog published on… Read More "Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns"
Ransomware groups have averaged nearly 700 victims a month in the last four months, and many attacks have posed supply chain risks. Ransomware groups claimed more than 2,000 attacks in the last three months of 2025 – and they’re starting 2026 at the same elevated pace. Cyble recorded 2,018 claimed attacks by ransomware groups in the fourth… Read More "Ransomware Groups Surge In Q4 2025 – Cyble Insights"
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and… Read More "UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors"
