A newly identified stealthy Python-based backdoor framework provides attackers with persistent remote command execution and surveillance capabilities on Windows computers, Securonix reports. The malware’s infection chain starts with the execution of a batch script that disables the system’s security controls,… Read More "Sophisticated Deep#Door Backdoor Enables Espionage, Disruption"
Threat actors are using trojanized shared files to distribute malware via AI distribution platforms such as Hugging Face and ClawHub, Acronis reports. The attacks do not compromise AI agents, but rely on social engineering to trick users into downloading files… Read More "Hugging Face, ClawHub Abused for Malware Distribution"
Stalkerware allows people to secretly spy on romantic partners, family members or other associates by infecting a target’s phone and then silently amassing their text messages, photos, location information, and other data. The malware is profoundly intrusive in and of… Read More "Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim"
A recently discovered threat actor has been observed bombarding victims with emails and impersonating IT support to convince them to execute malicious code, Google Threat Intelligence Group (GTIG) reports. In December 2025, the threat actor, tracked as UNC6692, was seen… Read More "UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware"
SentinelOne has discovered a Lua-based sabotage malware created years before the notorious Stuxnet malware and designed to tamper with high-precision calculation software. Dubbed Fast16, the malware was referenced in the ShadowBrokers’ leak of National Security Agency (NSA) offensive tools and… Read More "Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions"
Instead, Kamluk saw that it was a self-spreading piece of code with very different intentions. Using what was referred to within the code as “wormlet” functionality, Fast16 is designed to copy itself to other computers on the network via Windows’… Read More "Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet"
The advent of AI hacking tools has raised fears of a near future in which anyone can use automated tools to dig up exploitable vulnerabilities in any piece of software, like a kind of digital intrusion superpower. Here in the… Read More "AI Tools Are Helping Mediocre North Korean Hackers Steal Millions"
Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of both security researchers and cybercriminals. Google Antigravity is an ‘agent-first’ development platform that evolves the traditional code editor into a mission control for autonomous AI agents. Powered… Read More "Google Antigravity in Crosshairs of Security Researchers, Cybercriminals"
Amid a raging debate over the impact that new AI models will have on cybersecurity, Mozilla said on Tuesday that its Firefox 150 browser release this week includes protections for 271 vulnerabilities identified using early access to Anthropic’s Mythos Preview.… Read More "Mozilla Used Anthropic’s Mythos to Find and Fix 151 Bugs in Firefox"
Over two dozen fake cryptocurrency applications targeting iOS users have been published to the Apple App Store, Kaspersky reports. The malicious campaign, dubbed FakeWallet, has been ongoing since at least the fall of 2025, focused on stealing users’ recovery phrases… Read More "Dozens of Malicious Crypto Apps Land in Apple App Store"
