Aug 27, 2025Ravie LakshmananCyber Attack / Artificial Intelligence Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data in July 2025. “The actor… Read More "Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors"
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. “Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across… Read More "Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks"
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in… Read More "Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model"
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared… Read More "ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots"
Aug 27, 2025The Hacker NewsEnterprise Security / Data Protection Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of… Read More "The 5 Golden Rules of Safe AI Adoption"
Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent. The activity, assessed… Read More "Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data"
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale cybercrime… Read More "ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners"
Aug 26, 2025Ravie LakshmananVulnerability / Mobile Security A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per… Read More "New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station"
Aug 26, 2025Ravie LakshmananVulnerability / Remote Code Execution Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question are… Read More "Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775"
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of sending unsolicited phishing emails, attackers… Read More "MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers"
