Cybersecurity
Pakistan-Linked APT36 Deploys AI-Generated 'Vibeware' Against Indian Government in First Documented Nation-State Use of Vibe-Coded Malware
Bitdefender documents APT36 using LLMs to mass-produce malware in Nim, Zig, and Crystal at a daily cadence, flooding Indian government networks with disposable implants in a strategy researchers call 'Distributed Denial of Detection.'
Claude Code Vulnerabilities Let Attackers Run Arbitrary Commands and Steal API Keys by Cloning a Repository
Check Point Research disclosed two CVEs in Anthropic's Claude Code that turned project configuration files into attack vectors, enabling remote code execution and API key exfiltration before users could approve a trust dialog.
Cloudflare's 2026 Threat Report: Attackers Swap Break-Ins for Log-Ins as AI and Credential Theft Redefine the Threat Landscape
Cloudflare's 2026 Threat Report documents a pivotal shift: attackers now log in rather than break in, using stolen session tokens and AI-assisted credential theft to bypass MFA, as DDoS volumes doubled and nation-state pre-positioning inside critical infrastructure intensifies.
Google Disrupts Decade-Long Chinese Cyberespionage Campaign That Hijacked Google Sheets to Spy on 53 Telecoms and Governments Across 42 Countries
Google and Mandiant exposed UNC2814, a China-nexus threat actor that used a novel backdoor called GRIDTIDE to abuse Google Sheets as command-and-control infrastructure, breaching telecoms and government agencies across three continents since at least 2017.
Conduent Breach Reaches 25 Million Americans, Making It the Largest in U.S. History
A ransomware attack on government services giant Conduent exposed SSNs, medical records, and health insurance data for at least 25 million Americans across multiple states.
Cisco SD-WAN Zero-Day Exploited for Three Years Before Patch, CISA Issues Emergency Directive
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN has been actively exploited since 2023 by a sophisticated threat actor, prompting a CISA emergency directive requiring federal agencies to patch or disconnect affected systems.
AWS European Sovereign Cloud Goes Live, but CLOUD Act Shadow Looms Over €7.8 Billion Promise
Amazon launched its AWS European Sovereign Cloud in Brandenburg, Germany in January 2026 with €7.8 billion in investment and ~90 services, but legal experts warn the U.S. CLOUD Act may undermine its core sovereignty guarantees.
IBM X-Force 2026 Report Reveals AI-Accelerated Attacks Exploiting Basic Security Gaps as Ransomware Groups Splinter and Multiply
IBM's annual threat index finds vulnerability exploitation now causes 40% of breaches, with 109 ransomware groups active and over 300,000 AI platform credentials stolen.
AI-Augmented Threat Actor Breached 600 FortiGate Firewalls in Five Weeks Using Commercial LLMs, Amazon Warns
Amazon Threat Intelligence tracked a low-skill actor who used DeepSeek and Claude to compromise 600+ FortiGate devices across 55 countries, signaling AI is lowering the barrier to large-scale cyberattacks.
Prompt Injection in AI Issue Triage Bot Led to Cline CLI Supply Chain Attack, Affecting Thousands of Developers
A security researcher's disclosure of a prompt injection flaw in Cline's AI-powered GitHub issue bot was weaponized eight days later to steal npm publish tokens and install unauthorized software on developer machines.
Chinese Hackers Exploited a Maximum-Severity Dell Zero-Day for Nearly Two Years Before Discovery
A hardcoded-credential flaw in Dell RecoverPoint rated CVSS 10.0 let Chinese spies deploy three malware families and hide inside VMware infrastructure since mid-2024.
npm, PyPI, and Crates.io Cannot Afford Basic Security as Malware Costs Devour Thin Budgets, Alpha-Omega Audit Reveals
An audit of the world's largest open source package registries finds they spend 12 percent of their budgets fighting malware and just 2 percent on new features, with no path to sustainable security funding.