-
Cryptojacking, the unauthorized use of a victim’s computing resources to mine cryptocurrency, has transitioned from a browser-based nuisance (typified by Coinhive scripts) to a system-level threat utilizing advanced malware techniques. The infect…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI has collaborated with crypto investment firm Paradigm to release EVMbench, a new benchmark designed to evaluate how artificial intelligence agents interact with smart contract security. As smart contracts currently secure over $100 billion in op…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DigitStealer’s expanding command-and-control (C2) footprint is exposing more of its backend than its operators likely intended, giving defenders fresh opportunities to track and block new infrastructure linked to the macOS‑targeting infostealer. Unlike…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at Check Point Research (CPR) have uncovered a novel technique where cybercriminals utilize popular AI platforms like Grok and Microsoft Copilot to orchestrate covert attacks. This method transforms benign AI web services into proxies for C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MCP servers can silently turn AI assistants into powerful attack platforms, enabling arbitrary code execution, large‑scale data exfiltration, and stealthy user manipulation across both local machines and cloud environments. New research and recent real…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security flaw in Microsoft 365 Copilot is currently causing the AI assistant to incorrectly summarize email messages protected by confidentiality sensitivity labels, essentially bypassing configured Data Loss Prevention (DLP) policies. This vulnerabi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenClaw, the open-source autonomous AI assistant that has gained widespread adoption in early 2026, released version v2026.2.17 on February 17, 2026, introducing support for Anthropic’s latest Claude Sonnet 4.6 model. The release comes amid grow…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A rising wave of cryptocurrency scams sweeping across Asia is blending two major fraud techniques malvertising and pig butchering to create a more deceptive and scalable attack model. The scams begin with malvertising, where attackers run ads impersona…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, are being actively exploited to compromise enterprise mobile fleets and corporate networks. Both are remote code execution (RCE)…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fake CAPTCHA (ClickFix) pages are enabling threat actors to turn a single user click into an enterprise‑wide compromise, as seen in a recent incident affecting a major Polish organization. The campaign chained social engineering, DLL side‑loading, and …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
