MacOS Users Targeted by Malware Through Claude AI Artifacts and Google Ads
A new malware campaign is using Google Search ads and public Claude AI artifacts to trick macOS users into running harmful commands in their Terminal.…
Google links suspected Russian actor to CANFAIL malware attacks on Ukrainian organisations
Google Threat Intelligence Group (GTIG) says a previously undocumented threat actor, likely tied to Russian intelligence, has used phishing to deliver a JavaScript backdoor called…
Global Defense Sector Faces Coordinated Cyberattacks from China, Russia, Iran & North Korea
Cybersecurity researchers at Google Threat Intelligence Group (GTIG) report that major state-linked hackers from China, Russia, Iran, and North Korea are actively targeting the global…
VoidLink: a modular, AI-assisted malware framework tied to UAT-9921 what defenders must know
Security teams are tracking a powerful new malware framework called VoidLink that targets Linux cloud environments and can give attackers long-term, stealthy control. Researchers say…
Malicious Chrome Extensions Exposed: Stealing Business Data, 2FA Codes, and Browser History
Security researchers have uncovered multiple malicious Google Chrome extensions that are abusing browser permissions to steal sensitive data. These include extensions aimed at Meta Business…
npm Overhauls Authentication to Reduce Supply Chain Risk but Attacks Still Possible
npm has completed a major update to how developers authenticate when publishing packages. The change aims to reduce the risk of supply chain attacks by…
BeyondTrust RCE (CVE-2026-1731) is being probed and attacked in the wild
A critical unauthenticated remote code execution flaw in BeyondTrust Remote Support and some Privileged Remote Access releases is being actively probed and exploited by attackers.…
Critical Vulnerability in next-mdx-remote Library Lets Servers Run Malicious Code During SSR
A critical remote code execution (RCE) flaw has been found in the widely used next-mdx-remote library that can let attackers run arbitrary code when dynamic…
Google Says Hackers Are Abusing Gemini AI for Every Stage of Cyberattacks
State-backed and criminal hackers are increasingly using Google’s Gemini AI model to assist with cyberattack campaigns. The misuse covers many parts of an attack lifecycle,…
Crazy Ransomware Gang Abuses Employee Monitoring Tool to Stay Hidden Inside Corporate Networks
Cybersecurity researchers have confirmed that a member of the Crazy ransomware gang abused legitimate employee monitoring software and a remote support tool to maintain persistence…
November 21, 2025
1 comment 
