Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web ...
Infosecurity MagazineOpinion

Why Organizations Need to Adapt Their Defenses to Protect Against the Rise of Phishing-as-a-Service

The professionalization of phishing demands a shift in defensive strategy. Signature-based detection that looks for known ...

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026.  Follow ...

Mac Users Warned Over Fake Claude Install Instructions

Hackers are using Google Ads and Claude shared chats to target Mac users with fake setup instructions that can install ...
Infosecurity Magazine

Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...
CSO Online

The fake IT worker problem CISOs can’t ignore

Fake IT workers are using AI to fabricate resumes, defeat interviews, and secure remote access to corporate systems. It will ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
The Hacker News

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

MuddyWater used Teams phishing in 2026 to steal credentials, enabling stealthy data exfiltration and persistence without ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...