A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...

This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

ESET Research's latest Threat Report detailed PromptLock, the first known AI-driven ransomware, “capable of generating malicious scripts on the fly”, using an OpenAI model, via the Ollama API, to ...

A cute-looking AI is quietly reshaping cybercrime. See how KawaiiGPT enables phishing and ransomware for anyone, and why ...

A ransomware variant favored by a pro-Russia hacktivist group is back on the scene with a new version that has a fatal flaw — it keeps artifacts that allow victims to decrypt their files. VolkLocker ...

The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical guardrails selling on Telegram for $50 monthly or distributed free on GitHub.

A seasonal surge in malicious activity combined with alliances between ransomware groups led to a 41% increase in attacks between September and October. Cybercriminal group Qilin continues to be the ...

NHS England is investigating the possibility that it has fallen victim to a prolific ransomware operation, after the Cl0p (aka Clop) gang claimed to have hacked its systems via a post to its dark web ...

Helping companies pay ransoms to digital extortionists is kind of an odd business. On the one hand, you “negotiate” with cybercriminals and in so doing may drive down the costs of recovering from a ...

Two former employees of cybersecurity firms that sold services helping companies combat hackers have been indicted and accused of participating in a conspiracy, outside of their day jobs, to hack ...