San Francisco-based startup Factory reported disrupting an attack campaign in which at least one state-linked threat group attempted to hijack its AI-driven software development platform for large-sca…
Category: Threat Alerts / Threat Intelligence / AI & Cloud Abuse
#factory #ai-security #cloud-abuse #coding-agents #state-linked-threat #free-tier-abuse
Modern phishing campaigns increasingly bypass traditional email filters and URL reputation engines by delaying malicious behavior until after user interaction, using techniques such as multi-step redi…
Category: Threat Alerts / Threat Intelligence / Detection & Response
#phishing #interactive-sandbox #any-run #email-security #qr-phishing #soc-operations
Matrix Push C2 is a newly documented command-and-control platform that abuses web browser push notifications to deliver phishing pages and malware, turning a legitimate feature into a persistent attac…
Category: Threat Alerts / Threat Intelligence / Social Engineering & Delivery
#matrix-push-c2 #browser-notifications #phishing #malware-delivery #web-security #fileless-technique
Digital rights group SMEX accused Samsung of pre-installing AppCloud—unremovable data-harvesting software developed by Israeli firm ironSource—on Galaxy A and M series budget phones across West Asia, …
Category: Threat Alerts / Threat Intelligence / Mobile Security
#samsung #android #spyware #mobile-security
DeepSeek-generated code vulnerabilities are being exploited in real-world attacks, according to new research from CrowdStrike. Insecure code patterns produced by DeepSeek’s autonomous agent workflows …
Category: Threat Alerts / Threat Intelligence / AI & Code Security
#deepseek #ai-security #insecure-code #crowdstrike
The Sneaky2FA phishing-as-a-service (PhaaS) kit has adopted a Browser-in-the-Browser (BitB) technique to steal Microsoft 365 credentials and active session tokens. The campaign uses realistic pop-ups …
Category: Threat Alerts / Threat Intelligence
#sneaky2fa #microsoft365 #phishing #bitb #aitm
The Eternidade Stealer banking malware identified by Trustwave SpiderLabs represents an advanced credential-harvesting threat leveraging WhatsApp-based worm propagation and Delphi-compiled payloads. T…
Category: Threat Alerts / Malware & Ransomware
#eternidade-stealer #whatsapp-worm #banking-malware #latin-america
The hidden MCP API discovered in the Comet AI Browser exposes a critical pathway for full device takeover through arbitrary local command execution, posing a severe third-party risk to enterprises and…
Category: Threat Alerts / Threat Intelligence
#comet #mcp-api #browser-security #command-execution #ai-browser
CrowdStrike warns that adversaries are now using agentic AI—autonomous LLM-driven systems—to automate up to 90% of intrusion operations, including reconnaissance, exploitation, and lateral movement. T…
Category: Threat Alerts / Threat Intelligence / AI-Driven Threats
#ai #crowdstrike #llm #prompt-injection
Generative AI weaponization is accelerating, enabling attackers to scale phishing, malware creation, and deepfake-driven deception with unprecedented precision. Underground forums increasingly adverti…
Category: Threat Alerts / Threat Intelligence / AI-Driven Threats
#ai #llm #deepfake #phishing #weaponization