A new kind of cyber threat has emerged: malware that uses GPT-4 — the same type of AI behind advanced chat assistants — to generate malicious programs like ransomware. It’s like giving a weapon the ability to forge its own bullets. Researchers have discovered a prototype called MalTerminal that does just that. MalTerminal is a […]
A dangerous new Android malware called Datzbro has been discovered, and it’s specifically tricking seniors through fake Facebook groups and AI-generated posts. The attackers are pretending to organize friendly travel or community events, but their real goal is to convince people to install malicious apps that give hackers full control of their phones. The scam […]
Google’s new AI assistant, Gemini, had some serious security holes — and researchers say hackers could’ve used them to sneak in, steal data, or manipulate the system in sneaky ways. The good news is: these flaws have been patched. Here’s what went wrong, how it could’ve been abused, and what it means for you. What […]
A massive ad-fraud operation called SlopAds was found operating through 224 Android apps, which together were downloaded 38 million times across 228 countries and territories. The apps inflated ad impressions and clicks using hidden techniques, sending about 2.3 billion bid requests every day at its peak. The apps carried out this fraud in a stealthy […]
The Akira ransomware group has ramped up its attacks on SonicWall devices, exploiting a critical SSL VPN vulnerability and misconfigurations to gain unauthorized access. Security researchers have observed a surge in intrusions linked to SonicWall firewalls since late July 2025, particularly involving the flaw designated CVE-2024-40766, which scored 9.3 in severity. This issue stemmed from […]
Cybersecurity researchers have linked a new wave of attacks on financial institutions to the notorious group known as Scattered Spider, contradicting their earlier statements that they were disbanding. The group has shifted its focus toward the financial services industry, creating look-alike domains aimed at organizations in that sector, and launching a recent targeted intrusion against […]
In a joint operation, Microsoft’s Digital Crimes Unit and Cloudflare have dismantled RaccoonO365, a phishing-as-a-service (PhaaS) network, by seizing 338 domains tied to the toolkit. The network had been used to steal over 5,000 Microsoft 365 credentials across 94 countries since July 2024. The action was enabled by a court order from the Southern District […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two serious security problems—one in WhatsApp and another in a TP-Link Wi-Fi device—to its Known Exploited Vulnerabilities list. When a flaw makes this list, it means hackers have already taken advantage of it in real-world attacks, so quick action is needed to protect against further […]
Cloudflare recently stopped one of the largest cyberattacks ever recorded, which reached a peak of 11.5 terabits per second (Tbps). The attack used a flood of data traffic to overwhelm systems but lasted only about 35 seconds before Cloudflare’s defenses automatically kicked in and shut it down. The company explained that its systems have been […]
A group of hackers linked to Iran recently carried out a worldwide email attack aimed at embassies and diplomatic offices. These cybercriminals sent fake emails designed to look like official diplomatic messages, tricking recipients into opening a harmful document disguised as a Microsoft Word file. The troubling part? When the document was opened, it prompted […]