Shadow AI used to mean employees pasting things they shouldn’t into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing… Read More »What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed… Read More »New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and… Read More »Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through… Read More »Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw,… Read More »Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. “The campaign abused trusted endpoint management infrastructure to… Read More »Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and… Read More »ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the… Read More »Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their… Read More »New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users”
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware.… Read More »JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware