All Articles (2960)

A new malware campaign built around the HanGhost loader is actively targeting corporate environments, focusing on employees involved in payments, logistics, and contract operations.  The attack is designed to operate without leaving clear artifacts, enabling it to reach systems linked to revenue and operations before they are fully analyzed.  The campaign has already shown multiple waves of activity with different malware families, indicating active development and scaling rather than a one-off

The idea that artificial intelligence might one day rival human creativity has become a familiar theme in public conversation. Generative models can rapidly produce images, stories and designs, which makes it tempting to assume that they possess something like imagination. A new study published in Advanced Science challenges that assumption in a direct and illuminating way. By examining how humans and AI generate images from abstract prompts, the researchers show that what looks like creativity

Senior business leaders in the UK are experiencing a significant rise in job complexity, with artificial intelligence (AI) identified as a primary driver.  A study by Alliance Manchester Business School (AMBS), based on a Censuswide survey of 500 UK managers, directors, and C-suite executives, reveals that almost three quarters (73%) of senior management have found their roles more complex since 2020 because of AI.  This figure climbs to 79% among directors and C-suite personnel, and 82% among m

Users frequently entrust AI assistants with highly sensitive information, including medical records, financial documents, and proprietary business code.  Check Point researchers have disclosed a critical vulnerability in ChatGPT's architecture that enables attackers to extract user data covertly.  A flaw in ChatGPT's code execution environment demonstrated how a single malicious prompt could quietly exfiltrate sensitive user data without warning or user approval.[1]

The Vulnerability - OpenAI de

If there's one thing that AI is good at, particularly language models, it's detecting patterns in datasets so large that it would be practically impossible for humans to sift through them all, quickly and accurately.  That certainly seems to be the case with Anthropic's new general-purpose model, Claude Mythos, as the company has announced that it used it to detect "thousands of high-severity vulnerabilities, including some in every major operating system and web browser."

Alongside the launch o

Over the last several years, academia and industry have been converging on a shorter and more realistic timeline to Q-Day.  While new research continues to move the Q-Day timeline up to 2028-2030, the scale and scope of the impact have been less clear.  Broadly, the expectation has been that quantum attacks on cryptography would be serious, but there has been less information on which to base estimates of their speed, accessibility, and breadth.  Two new research papers, released within a day of

Security researchers from Hunt.io have identified an unauthenticated open directory while examining indicators of compromise published in an earlier CyberXTron report on the TheGentlemen ransomware group.  The directory, hosted at IP address 176.120.22.127 on port 80, resides on infrastructure belonging to Proton66 OOO (AS198953), a Russian provider previously linked to other malicious campaigns. The server had been active for at least 24 days prior to discovery.  The directory contained 126 fil

On 28 February 2026, a joint US-Israeli military campaign struck Iranian nuclear facilities, military infrastructure, and leadership targets in what was officially called Operation Epic Fury.  Social media quickly flooded with false footage of the conflict, including massive explosions in Tel Aviv, successful Iranian missile strikes on US warships, and satellite imagery purporting to show damage to American military bases in the Gulf.

Some of this footage was recycled from unrelated conflicts,

A recent report from our friends at the cybersecurity firm SentinelOne has detailed an unprecedented incident in which Anthropic's Claude Code, operating with unrestricted system permissions, attempted to execute a Trojan software package.   The malicious activity was detected and neutralized by SentinelOne’s behavioral artificial intelligence (AI) endpoint detection and response (EDR) system in under 44 seconds, preventing a potential supply chain compromise.  The event highlights a new dimensi

If you've been using OpenClaw, the wildly popular AI agentic tool that took the developer community by storm, you should probably update it if you haven't done so already.  OpenClaw, as was reported in the past, has widely known security problems.  From the beginning, OpenClaw creator Peter Steinberger has warned potential users on GitHub that "There is no 'perfectly secure' setup."  Users can grant OpenClaw control over their devices and access to specific apps, local files, and logged-in accou

In theory, a significant cyber hacking event could occur on or about April 15th, which is the Tax Day deadline in the US.  With the Iran War in high gear, there are multiple enemies who are bent on targeting multiple US government organizations and causing widespread disruption.   The Internal Revenue Service (IRS) is not immune.  Attackers could exploit vulnerabilities in current network security systems, which may lead to unauthorized access and the theft of sensitive data.

Cyber security auth

Sentinel Labs has provided yet another great report on: Building an Adversarial Consensus Engine / Multi-Agent LLMs for Automated Malware Analysis.  Large Language Models can perform static malware analysis, but individual tool runs produce unreliable results contaminated by decompiler artifacts, dead code, and hallucinated capabilities.[1]

Researchers built a multi-agent architecture for reversing macOS malware that treats each reverse engineering tool (radare2, Ghidra, Binary Ninja, IDA Pro) a

Nearly all organizations report having only limited confidence in their cybersecurity suppliers, according to a new global study released by Sophos.  The Cybersecurity Trust Reality 2026 report, based on responses from 5,000 organizations across 17 countries, is described as one of the largest independent examinations of trust in the cybersecurity sector.  Conducted on a vendor-agnostic basis, the research highlights how fragile supplier confidence is influencing both day-to-day operations and b

Release Date: 7 April 2026

CISA Alert Code: AA26-097A

Title

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

Original Publication

7 April 2026

Executive Summary

Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley.  This acti

Red Sky Alliance queries our backend databases monthly, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associat

A new threat intelligence report from Abnormal AI has revealed details of an ongoing, highly sophisticated phishing campaign that has systematically targeted C-suite executives and senior officers across 21 industry sectors over the past five months.  Investigations into the campaign's backend infrastructure led to the discovery of a previously undocumented Phishing-as-a-Service (PhaaS) platform named VENOM.    From November 2025 and through March 2026, this operation demonstrated a marked incre

Taiwan is confronting an unprecedented surge in cyber-attacks, solidifying its position at the forefront of global digital conflict.  A recent report from cybersecurity firm Cyfirma reveals that the island nation faced an estimated 2.63 million cyber intrusion attempts per day in 2025, a 100% increase from 2023.  This escalating pressure is driven by Taiwan's crucial role in the global semiconductor industry, its strategic geopolitical location, and its extensive international partnerships.[1]

T

The famed hacking group LAPSUS$ has reportedly resurfaced, claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company, AstraZeneca.  The group is now attempting to sell a compressed 3GB internal data dump, which suggests a potential shift towards pay-to-access extortion methods.  LAPSUS$, previously known for high-profile breaches targeting major technology firms, appears to be active again with this alleged compromise of AstraZenec

Modern artificial intelligence has grown astonishingly capable, yet the hardware beneath it still carries the weight of an older era.  Today’s computers shuttle information back and forth between memory and processors in a way that resembles a busy city with only one bridge.  No matter how fast the processors become, the bridge remains a bottleneck.  A research team at Daegu Gyeongbuk Institute of Science and Technology (DGIST), led by Lee Hyun Jun and Noh Hee Yeon, has taken a step toward remov

For years, the manufacturing sector operated under the "security through obscurity" model, relying on air-gapped systems and proprietary protocols to stay off the radar of mainstream cybercriminals. According to the Huntress 2026 Cyber Threat Report, those days are officially over. Manufacturing has emerged as one of the most targeted industries, not necessarily because its data is the most valuable, but because its tolerance for downtime is the lowest. In an industry where "minutes equal million