Fake Claude Code install pages hit Windows and Mac users with infostealers

Attackers are cloning install pages for popular tools like Claude Code and swapping the “one‑liner” install commands with malware, mainly to steal passwords, cookies, sessions, and access to developer environments. Modern install guides often tell you to copy a single Read More …

New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download Read More …

Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors

Microsoft is warning of a new phishing campaign which aims to deploy persistent backdoors to victim’s computers. In a new in-depth analysis, the company’s researchers said they recently spotted multiple phishing campaigns, currently not attributed to any known threat actors, Read More …

‘Hundreds’ of Iranian hacking attempts have hit surveillance cameras since the missile strikes

Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. The Tel Aviv-based security shop has tracked “hundreds” of attempts Read More …

CIMB refutes claims of data breach involving 1.2 million records

CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its Read More …

Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit

Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its Read More …

Hacktivists may have just cracked open ICE and exposed over 6,000 companies working with the DHS

A hacktivist group has claimed to have broken into systems belonging to the US Department of Homeland Security (DHS) and exposed sensitive files online. The group, with the self-awarded name “The Department of Peace”, stole data from the Office of Read More …

Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran

On Saturday, U.S. and Israeli jets began a bombing campaign against Iran, killing its supreme leader Ali Khamenei and several senior government officials. The attacks also hit military and civilian targets all across the country, including a girls’ school, where Read More …

Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild

Large language models (LLMs) and AI agents are becoming deeply integrated into web browsers, search engines and automated content-processing pipelines. While these integrations can expand functionality, they also introduce a new and largely underexplored attack surface. One particularly concerning class Read More …