GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...
CoinDesk

How Anthropic’s Mythos model is forcing the crypto industry to rethink everything about security

DeFi leaders say that AI will arm both attackers and defenders, and widen the gap between projects that prioritize security ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
exchange4media

Short seller reports on Sportradar expose gaps in India’s illegal betting crackdown

Its findings carry significant implications for Indian regulators and enforcement agencies, particularly as it identifies ...
Security Boulevard

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...
Defense Mirror

Turkish firm, ARCA Defence to Set up Artillery Ammo Plant in Estonia

Turkey firm, ARCA Defence will establish a high-output ammunition production facility under the name “ARCA Baltic” in the ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...

Wealthy Canadians should prepare for audits focused on these areas

Specific priorities for audits are evolving continually and are outlined in the agency’s departmental plans each fiscal year.
Lablab.ai

Perplexity Computer: Stop Prompting, Start Delegating

A practical guide to Perplexity Computer: multi-model orchestration, setup and credits, prompting for outcomes, workflows, ...