Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion…
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
î ‚Aug 27, 2025î „Ravie LakshmananCyber Attack / Artificial Intelligence Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized…
Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the…
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within…
The 5 Golden Rules of Safe AI Adoption
î ‚Aug 27, 2025î „The Hacker NewsEnterprise Security / Data Protection Employees are experimenting with AI at record speed. They are drafting…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
î ‚Aug 27, 2025î „Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach sales automation…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
î ‚Aug 26, 2025î „Ravie LakshmananVulnerability / Mobile Security A team of academics has devised a novel attack that can be used…
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
î ‚Aug 26, 2025î „Ravie LakshmananVulnerability / Remote Code Execution Citrix has released fixes to address three security flaws in NetScaler ADC…
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory…
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA…