News

Uncle Sam indicts alleged ransomware kingpin tied to $18B in damages

"Tymoshchuk is a serial ransomware criminal who targeted blue-chip American companies, healthcare institutions, and large ...
The Register on MSN

Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python

A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions ...

Companies Are Competing for Employees With AI Skills. So Are Hackers.

AI expertise, English language proficiency and cloud skills are among the most desired traits for ransomware gangs seeking help.
CSO Online

CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...
Security Boulevard

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
Security Boulevard

Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns

Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company Cyberspike, has been loaded almost 11,000 times on PyPI in two months, ...

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

In a report published today and shared with The Register, the AI security company's Regalado and fellow researcher Amanda ...
CSO Online

When AI nukes your database: The dark side of vibe coding

As developers lean on Copilot and GhostWriter, experts warn of insecure defaults, hallucinated dependencies, and attacks that ...

TIME’s Kid of the Year Is Protecting Seniors From Cybercrime

It was a near miss for the unsuspecting senior. The fact that criminals would seek to take advantage of an old man’s lack of ...
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...