#email-based-malware
#email-based-malware

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

How Should Effective AI Red Teams Operate?

AI-specific red teaming is essential for organizations to understand and mitigate risks associated with AI tools.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

more#artificial-intelligence

How Should Effective AI Red Teams Operate?

AI-specific red teaming is essential for organizations to understand and mitigate risks associated with AI tools.

Deliverability

fromWordtothewise

12 hours ago

DKIM2: What it means for the future of email

DKIM2 is a new email authentication protocol in development, improving security and reliability over DKIM and addressing issues from previous methods.

fromwww.cbc.ca

15 hours ago

Police arrest 3 people in cybercrime investigation, seize SMS blasters' used to defraud victims | CBC News

The investigation began in November 2025, when police were alerted to a suspected SMS blaster operating in downtown Toronto. Police later determined that the blaster was operating out of a car, which allowed it to move around the city and Greater Toronto Area.

Canada news

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

Science

Newly Deciphered Sabotage Malware May Have Targeted Iran's Nuclear Program-and Predates Stuxnet

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.

14 hours ago

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

UNC6692 uses social engineering via Microsoft Teams to deploy malware, targeting senior employees with email spam and impersonation tactics.

Information security

Sharing isn't caring if it's an admin password: Pwned

fromBusiness Matters

1 hour ago

Why Effective Patch Management Is Critical for Cybersecurity in 2026

Timely patch management is essential for protecting digital assets and maintaining business continuity against evolving cyber threats.

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

Supply chain vulnerabilities and AI tools exacerbate ongoing cyber threats, including state-backed crypto heists and active remote code execution exploits.

Science

11 hours ago

Newly Deciphered Sabotage Malware May Have Targeted Iran's Nuclear Program-and Predates Stuxnet

Fast16 is a sophisticated malware capable of subtly tampering with calculation and simulation software, likely created by the US or an ally.

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.

14 hours ago

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

UNC6692 uses social engineering via Microsoft Teams to deploy malware, targeting senior employees with email spam and impersonation tactics.

Sharing isn't caring if it's an admin password: Pwned

Prioritizing convenience over security can lead to significant data loss, as demonstrated by a client using a common password and sharing it publicly.

fromBusiness Matters

1 hour ago

Why Effective Patch Management Is Critical for Cybersecurity in 2026

Timely patch management is essential for protecting digital assets and maintaining business continuity against evolving cyber threats.

fromwww.independent.co.uk

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

Supply chain vulnerabilities and AI tools exacerbate ongoing cyber threats, including state-backed crypto heists and active remote code execution exploits.

more#cybersecurity

Media industry

10 hours ago

Boy, 13, among rising number of males blackmailed in sextortion scam

Sextortion scams predominantly target young men, with nearly half of victims in their twenties, highlighting a significant vulnerability across various age groups.

Apple

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Apple has released a software update to fix a flaw in iOS and iPadOS that retained deleted notifications on devices.

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

A ransomware negotiator pleaded guilty to aiding BlackCat ransomware attacks against U.S. companies in 2023.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Information security

Third US Security Expert Admits Helping Ransomware Gang

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.

Healthcare

fromNextgov.com

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

A ransomware negotiator pleaded guilty to aiding BlackCat ransomware attacks against U.S. companies in 2023.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Information security

Third US Security Expert Admits Helping Ransomware Gang

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.

more#ransomware

Privacy professionals

fromwww.theguardian.com

Criminal gangs profiting as child sexual abuse websites double, experts say

The number of commercial child sexual abuse websites has doubled in a year, highlighting a significant increase in online exploitation by criminal gangs.

Digital life

fromThe New Yorker

The Anguish of Data Loss

Data preservation is crucial, yet digital devices are fragile and often treated carelessly, leading to significant loss when data is not backed up.

fromArs Technica

12 hours ago

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

Marketing tech

fromSFGATE

1 week ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

Deliverability

22 hours ago

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

Privacy professionals

Lovable under fire over data breach

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

#phishing

Deliverability

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

5 days ago

Information security

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

2 weeks ago

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

Information security

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Deliverability

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

A phishing scam mimics an Apple security alert to trick users into calling a fake support number and potentially compromising their accounts.

5 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.

2 weeks ago

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Information security

Researchers find sabotage malware that may predate Stuxnet

Information security

Fake Google Antigravity Installer Can Steal Accounts in Minutes

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

1 week ago

Information security

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

2 hours ago

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

1 week ago

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

more#malware

11 hours ago

Dev targeted by sophisticated job scam

Vujičić noted that he receives daily messages about job offers, with a personal record of eight in one day, indicating the prevalence of recruitment scams targeting crypto professionals.

Information security

55 minutes ago

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity SSRF vulnerability in LMDeploy is actively exploited, allowing attackers to access sensitive data and internal networks.

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.

#ai

Information security

Microsoft is using Mythos to detect vulnerabilities

Information security

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

fromComputerworld

Information security

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

from24/7 Wall St.

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.

Claude Mythos Finds 271 Firefox Vulnerabilities

Claude Mythos AI model identified 271 vulnerabilities in Firefox, leading to the release of version 150 with multiple patches.

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromComputerworld

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

from24/7 Wall St.

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.

Claude Mythos Finds 271 Firefox Vulnerabilities

Claude Mythos AI model identified 271 vulnerabilities in Firefox, leading to the release of version 150 with multiple patches.

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Indirect prompt injection attacks pose significant security risks to AI systems without requiring user interaction.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

fromZDNET

8 hours ago

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Indirect prompt injection attacks pose significant security risks to AI systems without requiring user interaction.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

more#ai-security

Privacy professionals

fromComputerworld

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.

fromZero Day Initiative

17 hours ago

Zero Day Initiative - CVE-2026-33824: Remote Code Execution in Windows IKEv2

Detection of attacks exploiting this vulnerability requires monitoring specific UDP ports and correlating IKE packets in sequence.

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.

fromComputerWeekly.com

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.

fromComputerWeekly.com

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI was compromised in the Checkmarx supply chain campaign, with malicious code stealing sensitive data from users.

1Password sees AI as both threat and tool

AI presents both risks and opportunities for password management, requiring firms to balance security with the potential for careless app development.

fromZDNET

The shadowy SIM farms behind those incessant scam texts - and how to stay safe

SIM farms are used by cybercriminals for financial fraud, spam, phishing, and online product scalping.

fromSitePoint Forums | Web Development & Design Community

Why Your OpenClaw Setup is a "Malicious Insider" in Waiting

OpenClaw's capabilities pose significant security risks, revealing vulnerabilities that can be exploited by malicious insiders.

fromnews.bitcoin.com

Mach-O Man Malware Steals macOS Keychain Data in Lazarus Group Crypto Campaign

North Korea's Lazarus Group deployed Mach-O Man malware targeting macOS users in crypto and fintech roles in April 2026.

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

Browser extensions disguised as TikTok video downloaders are compromising user data, highlighting vulnerabilities in enterprise security.

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

AI tools have enabled unskilled hackers to execute sophisticated cybercrime operations, resulting in significant financial theft.

fromArs Technica

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for ASP.NET Core to fix a high-severity vulnerability allowing unauthenticated attackers to gain SYSTEM privileges.

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.

fromEngadget

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

We're investigating a report claiming unauthorized access to Claude Mythos Previous through one of our third-party vendor environments.

Information security

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

A Mirai botnet exploits a command injection vulnerability in discontinued D-Link routers, posing risks to connected devices.

macOS ClickFix attacks deliver AppleScript stealers

A ClickFix campaign targets macOS users with an AppleScript infostealer that collects sensitive data from various browsers and cryptocurrency wallets.

3 days ago

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.

4 days ago

Top 3 Cyber Insurance Incident Claims

Cyber incidents are increasing claims in the insurance industry despite decreasing premiums, indicating a more active risk environment.

3 days ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.

Information security

2 weeks ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.

Targeted Phishing Attack Breaches Biotech Company Data

Intuitive Surgical suffered a phishing attack compromising employee credentials, exposing customer and corporate data, though operational systems and customer networks remained unaffected due to network segmentation.

Security Firm Executive Targeted in Sophisticated Phishing Attack

Targeted Phishing Attack Breaches Biotech Company Data

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 uses SEO poisoning and GitHub hosting to distribute trojans impersonating VPN software, stealing credentials through signed malware that evades detection.

Fake job applications pack malware that disables EDR

Russian cybercriminals target HR teams with malicious CVs disguised as job applications to install malware that disables security tools and steals corporate data.

fromZDNET

2 months ago

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

Web browsers are among the top targets for today's cybercriminals, playing a role in nearly half of all security incidents, new research reveals. According to Palo Alto Networks' 2026 Global Incident Response report, an analysis of 750 major cyber incidents recorded last year across 50 countries found that, in total, 48% of cybercrime events involved browser activity. Individuals trying to connect to the web, including business employees, are exposed to cyberthreats on a daily basis.

Information security