Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

Enterprises seeking to make good on the promise of agentic AI will need a platform for building, wrangling, and monitoring AI agents in purposeful workflows. In this quickly evolving space, myriad ...

Don’t act surprised when your AI agent starts printing millions of pages of cabbages, deletes an entire system partition, or sends your life savings to fraudsters – they’re just being helpful.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Although AI has introduced a new threat in the world of payments fraud, it has also emerged as the analytical backbone of next-generation fraud mitigation systems.

How Paramount Skydance's David Ellison came back with the winning bid for Warner Bros. Discovery and what it means for ...