Tag: intelligence
-
MCP Developer Executes Sneaky Heel Turn by Copying Emails
Backdoored NPM Module Sent Sensitive Mail Copies to Threat Actor. A patient hacker hooked victims by building a reliable tool integrated into hundreds of developer workflows that connects artificial intelligence agents with an email platform. The unidentified software engineer published 15 flawless versions until he slipped in code copying users’ emails. First seen on govinfosecurity.com…
-
Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload
Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying a new PowerShell-based loader that abuses Windows Scheduled Tasks to execute its final payload. Active since at least 2015 and focused on political and military intelligence across South and Southeast Asia, Patchwork is renowned for…
-
Can Shadow AI Risks Be Stopped?
Agentic AI has introduced abundant shadow artificial intelligence (AI) risks. Cybersecurity startup Entro Security extends its platform to help enterprises combat the growing issue. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/can-shadow-ai-risks-be-stopped
-
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits
Tags: ai, attack, cloud, cybersecurity, data, data-breach, exploit, flaw, google, injection, intelligence, privacy, risk, vulnerabilityCybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google’s Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft.”They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud First seen on thehackernews.com Jump to article: thehackernews.com/2025/09/researchers-disclose-google-gemini-ai.html
-
Feed mit Indicators of Compromise von Artic Wolf für eigene Sicherheitslösungen
Arctic Wolf gibt Erweiterungen für Arctic-Wolf-Threat-Intelligence-Plus bekannt. Mit diesen haben Unternehmen die Möglichkeit, denselben hochwertigen Feed mit Indicators of Compromise (IoCs) einzusetzen, den auch das KI-gestützte Security-Operations-Center (SOC) von Arctic Wolf nutzt und zwar direkt in ihren vorhandenen Sicherheitslösungen. Durch das Update von Threat-Intelligence-Plus werden Unternehmen dabei unterstützt, sich proaktiv vor adaptiven Cyberbedrohungen zu […]…
-
New Android Banking Trojan Uses Hidden VNC for Full Remote Control of Devices
In late August 2025, Cleafy’s Threat Intelligence team uncovered Klopatra, a new, highly sophisticated Android banking trojan and Remote Access Trojan (RAT) that grants attackers full control of compromised devices and facilitates large-scale financial fraud. Active campaigns in Spain and Italy have already infected over 3,000 devices, targeting users of major financial institutions and draining…
-
Warning: Malicious AI Tools Being Distributed as Chrome Extensions by Threat Actors
Cybercriminals are exploiting the growing popularity of artificial intelligence tools by distributing malicious Chrome browser extensions that masquerade as legitimate AI services. These fake extensions, mimicking popular AI platforms like ChatGPT, Claude, Perplexity, and Meta’s Llama, are designed to hijack user prompts and redirect them to attacker-controlled domains for malicious purposes. Security researchers from Palo…
-
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. First seen on hackread.com Jump to article: hackread.com/microsoft-ai-phishing-attack-hiding-svg-files/
-
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. First seen on hackread.com Jump to article: hackread.com/microsoft-ai-phishing-attack-hiding-svg-files/
-
APT35 Hackers Targeting Government and Military to Steal Login Credentials
Tags: credentials, cyber, government, hacker, intelligence, login, malicious, military, phishing, threatStormshield CTI researchers have identified two active phishing servers linked to APT35, revealing ongoing credential-stealing operations targeting government and military entities. In an active threat-hunting operation, Stormshield’s Cyber Threat Intelligence (CTI) team discovered two malicious servers exhibiting hallmark characteristics of APT35 infrastructure. These servers, mirroring footprints documented by Check Point, are hosting phishing pages designed…
-
Hacker umgehen immer häufiger MFA
Der Threat Intelligence Report 1H 2025 zeigt: Malware lauert oft in ungewöhnlichen Dateiformaten und auf kompromittierten USB-Devices. Ontinue, Experte für Managed Extended Detection and Response (MXDR), hat seinen Threat Intelligence Report für das erste Halbjahr 2025 veröffentlicht [1]. Die Ergebnisse zeigen einen deutlichen Anstieg von Cyberangriffen, die Multi-Faktor-Authentifizierung (MFA) umgehen. Zudem nutzen Hacker offene… First…
-
Ukraine’s digital chief pushes for AI-first state amid war and cyber threats
Ukraine’s deputy prime minister is betting big on artificial intelligence’s ability to shape governance, education and even the battlefield. First seen on therecord.media Jump to article: therecord.media/ukraine-ai-state-digital
-
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide.According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various regions, including Europe, the Americas, and the Asia, Middle East, and Africa (AMEA) region. First…
-
AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-generated-code-phishing/
-
New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials
Tags: attack, credentials, cyber, detection, intelligence, malware, phishing, soc, spear-phishing, threatAdversaries don’t work 95 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and cyber analysts who hunt, investigate, contain and respond to threats within minutes. Backed by threat intelligence, tactical threat response and advanced threat analytics from our Threat Response Unit (TRU), eSentire delivers rapid detection and disruption…
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch[1] of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong Kong, the new service offers unique industry insights for threat intelligence platforms (TIPs), security operation centers (SOCs) and…
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch[1] of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong Kong, the new service offers unique industry insights for threat intelligence platforms (TIPs), security operation centers (SOCs) and…
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, 29th September 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/threatbook-launches-best-of-breed-advanced-threat-intelligence-solution/
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, 29th September 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threatbook-launches-best-of-breed-advanced-threat-intelligence-solution/
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, 29th September 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threatbook-launches-best-of-breed-advanced-threat-intelligence-solution/
-
Warum KI ein Teil der Cybersicherheit von Unternehmen sein sollte
Künstliche Intelligenz beschleunigt die Reaktion auf Cyberangriffe und hilft bei der Entwicklung von Verteidigungsstrategien, die auf neue Bedrohungen zugeschnitten sind. Expertenkommentar von Joel Carusone, Senior Vice President of Data and Artificial Intelligence bei NinjaOne KI ist ein mächtiger Verbündeter im Kampf gegen Cyberbedrohungen. In einer aktuellen Umfrage des Ponemon Institute geben 56 Prozent… First seen…
-
Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks
Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS malware XCSSET that has been employed in limited attacks. Trend Micro first spotted the malware in 2020 when it was spreading through Xcode projects and exploiting two zero-day vulnerabilities…
-
Salesforce Patches CRM Data Exfiltration Vulnerability
Agentforce Agentic AI Tool Was Exposed to Indirect Prompt Injection Attacks. Salesforce has patched a vulnerability involving its Agentforce agentic artificial intelligence tool, discovered by researchers, that attackers could have exploited using an indirect prompt injection attack to steal sensitive customer data and leads being stored in the CRM system. First seen on govinfosecurity.com Jump…
-
Lyin’ and Cheatin’, AI Models Playing a Game
OpenAI, Apollo Research Find Models Hide Misalignment; Training Cuts Deception. Frontier artificial intelligence models are learning to hide their true intentions to pursue hidden agendas, said OpenAI and Apollo Research. Researchers say the risk of deception needs to be tackled now, especially as AI systems take on more complex, real-world responsibilities. First seen on govinfosecurity.com…
-
Top 10 Best AI Penetration Testing Companies in 2025
Tags: ai, automation, cyber, cybersecurity, intelligence, penetration-testing, strategy, threat, tool, vulnerabilityIn 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability analysis faster than traditional manual assessments. Businesses now demand AI-powered solutions to protect against evolving cyber threats and ensure compliance. Choosing the right AI penetration testing platform not only saves time and resources but also…
-
Keeper Security Integration with Google SecOps Expands Visibility into Privileged Access
Keeper Security has announced a new integration with Google Security Operations (GoogleSecOps). The integration streams privileged access activity from Keeper into the Google SecOps platform, which unifies Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR) and threat intelligence, to give security teams real-time visibility and faster incident response. As attackers increasingly…
-
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks.”This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the Microsoft Threat Intelligence team said in a Thursday report.”It employs sophisticated encryption and obfuscation First seen…
-
Identity Resilience: Rubrik erweitert Integration mit CrowdStrike Falcon
Durch die Integration von Rubrik Security Cloud in Falcon Fusion SOAR, Next-Gen SIEM, Falcon Threat Intelligence und Charlotte AI können Sicherheitsteams den Prozess der Untersuchung und Reaktion vereinfachen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/identity-resilience-rubrik-erweitert-integration-mit-crowdstrike-falcon/a42157/
-
Identity Resilience: Rubrik erweitert Integration mit CrowdStrike Falcon
Durch die Integration von Rubrik Security Cloud in Falcon Fusion SOAR, Next-Gen SIEM, Falcon Threat Intelligence und Charlotte AI können Sicherheitsteams den Prozess der Untersuchung und Reaktion vereinfachen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/identity-resilience-rubrik-erweitert-integration-mit-crowdstrike-falcon/a42157/
-
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations since March 2025. Targets include legal, Software as a Service (SaaS) providers, Business Process Outsourcers…