Security News

Filter by:

Viral Moltbot AI assistant raises concerns over data security

Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation history, and credentials...
Bleepingcomputer 29 Jan 2026 4166 Views

There's a rash of scam spam coming from a real Microsoft address

Abusing Microsoft's reputation may make scam harder to spot.
Ars Technica 28 Jan 2026 4039 Views

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit (TRU), involves using phishing emails impersonating the Income Tax Department of...
The Hacker News 27 Jan 2026 3964 Views

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks...
Bleepingcomputer 27 Jan 2026 3764 Views

Crims hit the easy button for Scattered-Spider style helpdesk scams

Teach a crook to phish… Criminals can more easily pull off social engineering scams and other forms of identity fraud thanks to custom voice-phishing kits being sold on dark web forums and messaging platforms.…
The Register 23 Jan 2026 8613 Views

New Android malware uses AI to click on hidden browser ads

A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. [...]
Bleepingcomputer 22 Jan 2026 3925 Views

Threat Actors Weaponizing Visual Studio Code to Deploy a Multistage Malware

Threat actors are turning Visual Studio Code into an attack platform, using its rich extension ecosystem to slip multistage malware into developer workstations. The latest campaign, dubbed Evelyn Stealer, hides behind a malicious extension that delivers a stealthy information stealing tool in several carefully staged steps...
Cyber Security News 20 Jan 2026 13969 Views

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP platforms were discovered stealing authentication credentials or blocking management pages used to respond to security incidents...
Bleepingcomputer 18 Jan 2026 3716 Views

Google Chrome now lets you turn off on-device AI model powering scam detection

Google Chrome now lets you delete the local AI models that power the "Enhanced Protection" feature, which was upgraded with AI capabilities last year...
Bleepingcomputer 18 Jan 2026 3584 Views

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company...
The Hacker News 16 Jan 2026 3646 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY