IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

Researchers from Check Point (CPR) have detailed three vulnerabilities in Claude Code which can be used to remotely execute malicious code (RCE), or steal sensitive data such as API credentials, from ...

AI agents now operate across enterprise systems, creating new risk via prompt injection, plugins, and persistent memory. Here ...

Discover OpenFang, the Rust-based Agent Operating System that redefines autonomous AI. Learn how its sandboxed architecture, pre-built "Hands," and security-first design outperform traditional Python ...

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software ...

These early adopters suggest that the future of AI in the workplace may not be found in banning powerful tools, but in wrapping them in a layer of measurable, real-time governance ...

After months of real-world testing of AI copilots, chat interfaces, and AI-generated apps, Terra Security releases a new module for continuous AI Penetration Testing to match AI development velocity ...

OpenClaw is a hot topic at the moment. But what is it and how can you use the 24/7 AI assistant in a safe way?

OpenClaw, an open-source AI assistant, acts, learns and sometimes goes off the script. Experts caution that while agentic AI feels magical, it is dangerous.

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...