A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Gary Illyes, along with Martin Splitt, of Google posted a podcast explaining the top crawling challenges Google noticed amongst its 2025 year of crawling. The top challenges Google had with crawling ...

Malware can blend in with legitimate AI traffic, using popular AI tools as C2 infrastructure.

Many of the emails released by the Department of Justice from its investigation into Jeffrey Epstein are full of garbled ...

Mandiant, and partners disrupted a global espionage campaign attributed to a suspected Chinese threat actor that used SaaS API calls to hide malicious traffic in attacks targeting telecom and ...

Check Point Research shows browsing-enabled AI chat can act as a malware relay, moving commands and data through normal-looking traffic. Microsoft urges defense-in-depth, while defenders may need ...

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

AI agents may work smarter than chatbots, but with tool access and memory, they can also leak data, loop endlessly or act ...

APT28’s Operation MacroMaze used macro-laced documents and webhook.site to exfiltrate data across Europe from Sept 2025 to Jan 2026.

The method relies on AI assistants that support URL fetching and content summarization. By prompting the assistant to visit a malicious website and summarise its contents, attackers can tunnel encoded ...