An article by Josh Taylor of Fortra begins: Ransomware groups are increasingly inserting AI bots into the negotiation loop to triage victims, collect leverage and scale their operations. At Fortra, I have observed a growing trend of attackers deploying chatbots for first contact, with humans stepping in only after certain thresholds are met. This approach […]
The Dallas Express reports: Anthropic researchers say they have disrupted what they described as the first reported use of artificial intelligence to direct a hacking campaign in a largely automated fashion, marking what they called a troubling development in cybersecurity. According to a threat report released this week, the operation was linked by Anthropic to the Chinese […]
The company behind the Claude chatbot said it caught a hacker using its chatbot to identify, hack and extort at least 17 companies. NBC News reports: A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive and lucrative AI cybercriminal operation known to date, using it to do everything from find […]
Customers are targeted through compromised OAuth access tokens from Salesloft Drift integrations. IT Pro reports: Google’s Threat Intelligence Group (GTIG) has revealed that hackers harvested user credentials from Salesforce customers in a widespread campaign during the first half of this month. The attacker, tracked as UNC6395, targeted Salesforce customer instances through compromised OAuth tokens associated […]
Coindoo reports: Physical attacks on cryptocurrency holders are rising sharply this year, with security experts warning that 2025 could become the most dangerous year yet for investors. At the Baltic Honeybadger conference in Riga, SatoshiLabs founder Alena Vranova described a wave of “wrench attacks” — kidnappings, assaults, and extortion aimed at forcing victims to surrender […]
GBHackers reports: Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the widely used SimpleHelp Remote Monitoring and Management (RMM) platform. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning that ransomware actors have leveraged these security gaps […]
The Times of India reports: Google’s Threat Intelligence Group (GTIG) has issued a warning about a Russia-based hacking group, known as COLDRIVER. The Alphabet-owned company claims that this hacking group is using a newly identified malware called LOSTKEYS to steal data. The tech giant claims that this malware, which was tracked in multiple attacks this […]
Bleeping Computer reports: ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia adopting the technique in recent espionage campaigns. ClickFix is a social engineering tactic where malicious websites impersonate legitimate software or document-sharing platforms. Targets are lured via phishing or malvertising and shown […]
Cyber Security News reports: A new malicious AI platform named Xanthorox AI has emerged, positioning itself as a friendly tool for hackers. First spotted in late Q1 2025, Xanthorox AI is being promoted in underground cybercrime forums as a modular, self-hosted solution for automated hacking operations, marking a new era in the sophistication of cyber […]
From a joint advisory by CISA and the FBI: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early […]
