Tag: attack
-
NDSS 2025 Try to Poison My Deep Learning Data? Nowhere To Hide Your Trajectory Spectrum!
Session 12D: ML Backdoors Authors, Creators & Presenters: Yansong Gao (The University of Western Australia), Huaibing Peng (Nanjing University of Science and Technology), Hua Ma (CSIRO’s Data61), Zhi Zhang (The University of Western Australia), Shuo Wang (Shanghai Jiao Tong University), Rayne Holland (CSIRO’s Data61), Anmin Fu (Nanjing University of Science and Technology), Minhui Xue (CSIRO’s…
-
‘Promptware’ Attacks Await an Unprepared AI Industry
Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of Attacks. The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as promptware. First seen…
-
‘Pomptware’ Attacks Await an Unprepared AI Industry
Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of Attacks. The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as promptware. First seen…
-
‘Pomptware’ Attacks Await an Unprepared AI Industry
Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of Attacks. The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as promptware. First seen…
-
Cybercrime Goes Corporate: Huntress Report Reveals Rise of Scalable, Stealth-First Attacks
Cybercriminals are no longer lone hackers exploiting flashy zero-days; they are running streamlined, profit-driven operations that mirror legitimate businesses. That’s the key takeaway from the newly released Huntress 2026 Cyber Threat Report, which exposes how organised cybercrime groups are standardising their playbooks to maximise efficiency and revenue. Drawing on telemetry from more than 4.6 million…
-
Hackers Increasingly Prefer Fast and Low-Complexity Attacks
Incident Responders Detail Top Ransomware and Business Email Compromise Tactics. There’s no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing low-complexity entry points, rather than investing in sophisticated exploits, say incident responders. First seen on govinfosecurity.com Jump…
-
NDSS 2025 CLIBE: Detecting Dynamic Backdoors In Transformer-based NLP Models
Session 12D: ML Backdoors Authors, Creators & Presenters: Rui Zeng (Zhejiang University), Xi Chen (Zhejiang University), Yuwen Pu (Zhejiang University), Xuhong Zhang (Zhejiang University), Tianyu Du (Zhejiang University), Shouling Ji (Zhejiang University) PAPER CLIBE: Detecting Dynamic Backdoors in Transformer-based NLP Models Backdoors can be injected into NLP models to induce misbehavior when the input text…
-
Identity and supply chain need more attention, risk intelligence firm says
Roughly a third of attacks now use stolen credentials, according to the company’s latest report. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/identity-supply-chain-dataminr-report/812447/
-
The era of the Digital Parasite: Why stealth has replaced ransomware
For years, ransomware encryption functioned as the industry’s alarm bell. When systems locked up, defenders knew an attack had occurred. Not anymore. New empirical data show … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/18/picus-security-red-report-identity-driven-cyberattacks/
-
Securing OpenClaw Against”ClawHavoc”
As of February 2026, OpenClaw (formerly Clawdbot and Moltbot ) is a popular platform for autonomous AI agents. Its “sovereign” architecture, which gives AI direct access to file systems and terminals, significantly increases its attack surface”, leading to elevated risks, most notably illustrated by the ClawHavoc supply-chain campaign, which exposed thousands of deployments to potential…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
EdTech Magazine – What Minimum Viable Cybersecurity Looks Like for K12 Districts
This article was originally published in EdTech Magazine on 02/11/26 by Didi Gluck. As ransomware and phishing attacks grow more sophisticated, districts can’t rely on perimeter defenses alone. Cybersecurity has become a top priority for K12 districts, not just to keep students safe online but to ensure continuity across devices, systems and end user accounts.…
-
Flaws in four popular VS Code extensions left 128 million installs open to attack
Tags: access, api, attack, cloud, credentials, cve, flaw, infrastructure, malicious, microsoft, risk, supply-chain, tool, update, vulnerability, xssMicrosoft quietly patched its own extension: The fourth vulnerability played out differently. Microsoft’s Live Preview extension, with 11 million downloads, contained a cross-site scripting flaw that, according to OX Security, let a malicious web page enumerate files in the root of a developer’s machine and exfiltrate credentials, access keys, and other secrets.The researchers reported the…
-
Cryptocurrency Scams in Asia Combine Malvertising and Pig Butchering, Causing Losses Up to ¥10 Million
A rising wave of cryptocurrency scams sweeping across Asia is blending two major fraud techniques malvertising and pig butchering to create a more deceptive and scalable attack model. The scams begin with malvertising, where attackers run ads impersonating well”‘known financial experts or promoting AI”‘powered trading platforms. These ads often seen on Facebook, Instagram, and other social media sites direct users…
-
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. >>Mandiant and Google Threat Intelligence Group (GTIG) have identified…
-
Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation
Tags: apt, attack, browser, chrome, control, cyber, cybersecurity, exploit, google, group, network, security-incident, vulnerability, windows, zero-dayBackground In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, the operation leveraged a Google Chrome 0-day vulnerability (CVE-2025-2783) as its core weapon. This vulnerability enabled sandbox escape, allowing arbitrary code execution on victims’ Windows systems and granting full control over the targeted…The…
-
A new approach for GenAI risk protection
Solution 1: GenAI enterprise model: Implement enterprise licenses for approved GenAI solutions (such as ChatGPT Enterprise or Microsoft CoPilot 365, which is integrated into existing O365 tenants). Enterprise GenAI solutions typically include a robust set of built-in security tools that allow organizations to secure their data and implement DLP controls within the enterprise GenAI solution…
-
ClickFix Exploits Homebrew Workflow to Deploy Cuckoo Stealer for macOS Credential Theft
ClickFix is being weaponized against macOS developers by turning a trusted Homebrew workflow into a stealthy delivery channel for a new infostealer dubbed Cuckoo Stealer. The campaign shows how attackers can skip exploit chains entirely and instead rely on users to run the payload for them.”‹ The attack starts with typosquatted domains that closely mimic…
-
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
-
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
-
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
After detecting a zero-day attack, the country’s effective response was attributed to the tight relationship between its government and private industry. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/singapore-major-telcos-fend-chinese-hackers
-
AI-Driven Threat Detection for Quantum-Enabled Side-Channel Attacks
Learn how to protect your AI infrastructure from quantum-enabled side-channel attacks using post-quantum cryptography and ai-driven threat detection for MCP. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ai-driven-threat-detection-for-quantum-enabled-side-channel-attacks/
-
Japan’s Washington Hotel Reports Ransomware Attack
Washington Hotel, located in Japan, confirmed a ransomware attack on internal servers and is investigating the extent of the incident. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/japans-washington-hotel-reports-ransomware-attack/
-
Supply Chain Attack Embeds Malware in Android Devices
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices
-
Supply Chain Attack Embeds Malware in Android Devices
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices
-
Poland Energy Survives Attack on Wind, Solar Infrastructure
Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/poland-energy-attack-wind-solar-infrastructure