Cybersecurity

Security firm AIR successfully deployed a deceptive AI agent skill that bypassed all major security scanners and reached an estimated 26,000 agents.The skill exploited...

WhatsApp accounts across 11 countries are being hijacked to distribute malware-laden VBScript files.The campaign uses obfuscated scripts disguised as business documents to install legitimate...

Pro versions of three ShapedPlugin WordPress extensions were backdoored after attackers hijacked the official vendor distribution channel.The injected malware steals admin credentials, 2FA codes,...

Critical vulnerabilities in the popular open-source AI platform Dify could have allowed attackers to secretly wiretap and steal AI chat conversations from other customers'...

For the first time, CSIS used its legal "threat reduction" powers to disrupt foreign state-run botnets residing on infected Canadian devices.The Federal Court authorized...

A new malware called AryStinger has infected at least 4,300 older home routers, according to research from QiAnXin's XLab.Instead of creating a typical DDoS...

A WordPress plugin flaw exposes API keys and system data on roughly 100,000 sites.The vulnerability allows unauthenticated attackers to harvest credentials for email services.Over...

A working exploit achieves arbitrary code execution within the SecureROM of Apple's A12 and A13 chips, a flaw burned into the silicon.Affected devices, including...