New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack
Red Canary uncovers 'Mocha Manakin,' a new threat using paste and runs to deliver custom NodeInitRAT malware, potentially leading to ransomware. Learn to protect your systems.
Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data.
Scammers Insert Fake Support Numbers on Real Apple, Netflix, PayPal Pages
Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how 'search parameter injection' scams work and protect yourself now.
GodFather Android Malware Runs Real Apps in a Sandbox to Steal Data
Zimperium zLabs reveals GodFather malware’s advanced virtualization that hijacks mobile banking and crypto apps. Learn how it steals data on your phone.
AgentSmith Flaw in LangSmith’s Prompt Hub Exposed User API Keys, Data
A CVSS 8.8 AgentSmith flaw in LangSmith's Prompt Hub exposed AI agents to data theft and LLM manipulation. Learn how malicious AI agents could steal API keys and hijack LLM responses. Fix deployed.
WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models
Cato CTRL uncovers new WormGPT variants on Telegram powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research.
Zoomcar Data Breach Exposes Personal Info of 8.4 Million Users
Zoomcar confirms 2025 breach affecting 8.4M users, echoing its 2018 data leak. Personal info exposed, financial data safe, investigation ongoing.
Report Links Los Pollos and RichAds to Malware Traffic Operations
New research by Infoblox Threat Intel exposes a hidden alliance between major cybercrime groups like VexTrio and seemingly…
Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach
Hackers leak data of 10,000 VirtualMacOSX customers in alleged breach, exposing names, emails, passwords, and financial details on a hacking forum.
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data
Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security.