Cybernews

Got an AI agent on your computer? Assume a breach, security researcher warns

AI coding agents are highly vulnerable to zero-click attacks hidden in simple prompts on websites and repositories, a ...
iDrop News

Don’t Trust the Double-Click: This Mac Malware Was ‘Approved’ by Apple

A new version of the MacSync Stealer malware has been found masquerading as a legitimate, notarized app. It bypasses standard macOS security warnings to harvest credentials and crypto wallets.

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
Cryptopolitan on MSN

New MacSync malware variant bypasses macOS security, Jamf and SlowMist warn

While reviewing the detections of its in-house YARA rules, Jamf Threat Labs claims it observed a signed and notarized stealer ...

New SantaStealer malware is after your passwords and crypto

New SantaStealer malware reportedly threatens holiday shoppers with password theft. This Christmas-themed info-stealer ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions.
The Hacker News

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code ...

'One Battle After Another' torrents hide ultra-sophisticated malware

As we all know, winter time is cinema time, and the Oscars are drawing ever closer. So it’s no wonder that more and more films are being released that are attracting the attention of the masses.
Gizmodo

Illegal Downloads of ‘One Battle After Another’ Contain Dangerous Malware

One Battle After Another has been hailed as one of the best movies of the year, generating Oscar buzz in every major category. But if you’re hoping to watch the film at home, it’s best to steer clear ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
Developer Tech

Malware campaign uses VS Code extensions for A/B testing

A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions. In a campaign tracked by Koi, a threat actor published two malicious VS Code ...
USA Today

PDF Editor Malware Risks: How Foxit & Files Editor Lead in Security and Support

Managing sensitive business documents online presents serious challenges, especially when using PDF editors. Many companies unknowingly expose themselves to malware, phishing, or insecure platforms ...