Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…
Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…
Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
More Articles
Cybercriminals are deploying a sophisticated new phishing campaign that leverages fake spam filter alerts to steal user email login credentials. This evolving threat specifically targets individuals by impersonating legitimate security notifications from their own organizations, making it a highly deceptive practice. The campaign’s ingenuity lies in its ability to bypass…
Anthropic revealed Thursday that a sophisticated, previously unknown Chinese state-sponsored hacking group utilized the company’s Claude generative AI product in a campaign that breached the defenses of at least 30 organizations. This marks a significant escalation in the misuse of advanced AI tools for cyberattacks. According to Anthropic’s research,…
North Korean threat actors have adopted novel tactics in their ongoing “Contagious Interview” campaign, now leveraging legitimate JSON storage services to host and distribute malicious payloads. This evolution in their methodology highlights a persistent effort to bypass security measures and compromise software developers for sensitive data exfiltration, including cryptocurrency wallet…
A sophisticated supply chain attack has been uncovered targeting the popular npm package manager, with a malicious package named “@acitons/artifact” downloaded over 206,000 times. Security researchers discovered this threat on November 7th, identifying it as a potent example of typosquatting. The attackers deliberately misspelled the name of a legitimate package,…
The evolving SmartApeSG campaign, also known as ZPHP or HANEY MANEY, is employing a sophisticated ClickFix technique to deploy the NetSupport Remote Access Trojan (RAT) on Windows systems. This shift in tactics moves away from previous methods involving fake browser updates, instead tricking users into verifying their humanity through deceptive…
Google and researchers report signs of disruption in Lighthouse text scams following lawsuit
The phishing kit known as Lighthouse, implicated in widespread text-based scams such as those demanding payment for fictitious unpaid road tolls, has reportedly been hindered shortly after Google initiated legal action against its presumed operators. Google announced on Thursday that Lighthouse’s operations have ceased, with two cybersecurity firms that monitor…
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities affecting prominent AI inference engines from Meta, Nvidia, Microsoft, and open-source projects like vLLM and SGLang. The widespread flaws, identified by Oligo Security, stem from a shared insecure coding pattern dubbed “ShadowMQ,” which leverages the combination of ZeroMQ (ZMQ) and Python’s…
Security researchers have uncovered a massive, coordinated spam campaign that flooded the npm registry with over 43,000 malicious packages over nearly two years. Dubbed the “IndonesianFoods worm,” this operation highlights potential vulnerabilities in the widely used JavaScript package manager. These dormant packages, representing more than 1 percent of the entire…
Threat Actors Use JSON Storage Services for Malware Hosting and Delivery Via Trojanized Code Projects
Cybersecurity researchers have exposed a sophisticated threat campaign, dubbed “Contagious Interview,” where malicious actors are leveraging legitimate JSON storage services to host and distribute malware, specifically targeting software developers. This innovative technique allows threat actors to blend harmful code into seemingly innocuous development projects, making detection by traditional security measures…
Ransomware Landscape Fractures, Signaling Decentralized Ecosystem
The ransomware landscape in Q3 2025 has reached a new peak of decentralization, with 85 active ransomware and extortion groups identified, the highest number ever recorded. This proliferation signifies a significant shift from the dominance of a few large ransomware-as-a-service (RaaS) operations to a…
A new cross-platform ransomware, dubbed Kraken, has emerged as a significant threat to enterprise environments. First observed in August 2025, this sophisticated malware developed by a Russian-speaking cybercriminal group is capable of targeting Windows, Linux, and VMware ESXi systems. This versatile attack vector marks a concerning evolution in ransomware capabilities,…
State-sponsored threat actors from China have orchestrated a highly sophisticated espionage campaign leveraging artificial intelligence (AI) technology, marking a significant escalation in the use of advanced tools for cyber attacks. In mid-September 2025, these actors employed AI capabilities developed by Anthropic, a leading AI safety company, to conduct automated cyber…
