Latest Intelligence: Malware (page 14)
Kyber ransomware gang toys with post-quantum encryption on Windows
A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant implementing Kyber1024 post-quantum ...

Spectrum Security Emerges From Stealth Mode With $19 Million
The threat detection startup will invest in accelerating its engineering and go-to-market efforts. The post Spectrum Security Emerges From Stealth Mode With $19...

Windows Remote Desktop Leaves Behind Image Fragments Attackers Can Stitch Into Screenshots
Whenever someone uses Windows Remote Desktop, the operating system quietly saves visual fragments of the active session. As recently highlighted by SCYTHE Labs,...

Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
Researchers from the Czech Technical University in Prague have developed a new adversarial malware generator targeting Linux ELF binaries. It achieves a 67.74% ...

New Android Banking Malware Abuses Fake KYC Workflow and WhatsApp Delivery to Hijack Accounts
A new Android banking malware, tracked as KYCShadow, was discovered targeting bank customers across India through a carefully designed fake Know Your Customer (...

Fake Document Reader On Google Play With 10K Downloads Installing Anatsa Malware
A new fake document reader app found on the Google Play Store has been silently installing Anatsa, a powerful Android banking trojan, on thousands of user devic...

AI Coding Agent Powered by Claude Opus 4.6 Deletes Production Database in 9 Seconds
A Cursor AI coding agent powered by Anthropic’s Claude Opus 4.6 deleted the entire production database and all volume-level backups of PocketOS, a SaaS pl...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. [...]...

Canada arrests three for operating “SMS blaster” device in Toronto
Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts to nearby phones....

ClickUp’s Hardcoded API Key Exposes 959 Emails from Fortune 500 Giants
A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and government email addresses, includin...

Webinar: Spotting cyberattacks before they begin
On Thursday, April 30 at 2:00 PM ET, BleepingComputer will host a live webinar with threat intelligence company Flare and threat intelligence researcher Tammy H...

Medical device giant Medtronic confirms data breach incident
Medtronic has disclosed that an unauthorized party accessed portions of its corporate IT environment, while stating there is currently no evidence of disruption...

20-Year-Old Malware Rewrites History of Cyber Sabotage
Researchers have uncovered a malware framework dubbed "fast16" that predates Stuxnet by 5 years....

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators. The post OpenSSH Flaw Allowing Full Root Shell Acces...

Microsoft Officially Shares Group Policy to Remove Windows 11 Copilot from Enterprise Devices
Microsoft has officially released a new Group Policy setting that allows IT administrators to silently uninstall the Microsoft Copilot app from managed Windows ...

Vidar Malware Hides Second-Stage Payloads in JPEG and TXT Files to Evade Detection
Vidar, one of the most active information-stealing malware families, has taken on a new shape in 2026. Researchers have found that its latest version now concea...

Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities
Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic controller (Soft PLC) pl...

‘fast16’ Malware with Sabotage Capabilities Attacking Ultra expensive Targets
The fast16 malware is a recently exposed sabotage‑capable threat designed to target extremely high‑value environments and ultra‑expensive systems with precision...

Claude AI Agents Close 186 Deals in Anthropic’s Marketplace Experiment
Anthropic’s “Project Deal” has demonstrated that AI agents can autonomously negotiate and close real-world transactions, but the experiment al...

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Leg...