Claude Mythos’ April 7 launch accelerates vulnerability discovery, but limited access and rising false positives strain ...

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

Fake CAPTCHA IRSF scam sends up to 60 SMS messages since June 2020, exploiting 17 countries and costing victims $30 per ...

Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

This week’s ThreatsDay covers supply chain attacks, fake help desks, wiper malware, AI prompt traps, RMM abuse, phishing kits ...

User-initiated shell ran via HTTPS CAPTCHA at 2:14 p.m. Tuesday, exposing browser blind spot and breaking session attribution ...

Fast16 malware from 2005 predates Stuxnet by five years, targeting engineering software to sabotage calculations and reshape ...

CISA adds 4 exploited CVEs including CVSS 9.9 SimpleHelp flaw, mandating FCEB mitigation by May 8, 2026 to reduce ransomware ...

FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network ...

AI agents inherit hidden authority from fragmented identities, creating a delegation gap that demands real-time governance.

Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they ...