Flux RSS

Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group

Expel has warned of malicious Chrome extensions stealing users’ AI conversations

A man has pleaded guilty to defrauding online music streaming platforms out of more than US $8 million, after creating hundreds of thousands of songs with AI, and then using bots to play them billions of times. Read more in my article on the Hot for Security blog.

UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds

The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure

Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing

A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory

Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data

Geopolitics and cyber warfare take center stage at Infosecurity Europe as Dmytro Kuleba discusses Ukraine’s hybrid war experience

Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Absolute Security 2026 Resilience Risk Index

Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware

The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023

ISACA survey found that confusion over responsibility and lack of understanding around AI cyber-attacks makes containing them difficult

Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA

High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024

New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans

CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns

German-led policing effort against fraud operation disrupts countless CSAM and cybercrime sites

Pedestrians crossing a street in Denver, Colorado, got rather more than they bargained for last weekend, when the audio signals at two crosswalks began broadcasting a political message alongside their usual walking instructions. Read more in my article on the Hot for Security blog.

Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day