Reconstructing AI activity in investigations
Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps securi...
Play
Ransomware
Ransomware exploiting Exchange vulnerabilities and Fortinet flaws, targeting municipalities, legal firms, and manufacturing.
Also known as: play ransomware, playcrypt, play malware
AI Intelligence Brief cached
Related YARA Rules View all on YARA Rules page →
90-Day Activity
Last 90 Days (32)
Last 90 Days
All Time
Weedhack MaaS Targets Minecraft Players to Steal Credentials and Hijack Accounts
Weedhack, a Malware-as-a-Service (MaaS) operation specifically engineered to prey on Minecraft players, that has been active since at least January 2026. The...
OWASP Unveils AI Security Report Highlighting New Tools for Security Teams
OWASP has released a new edition of its AI security report, “State of Agentic AI Security and Governance v2.01,” giving security teams a concrete playbook fo...
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tut...
WeedHack malware campaign targets over 116,000 Minecraft players
The WeedHack malware is distributed through malicious Minecraft-related mods, clients, and utilities promoted via YouTube and search engine poisoning.
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' system...
Over 116,000 Mincraft systems infected in WeedHack malware campaign
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [.
Over 116,000 Minecraft systems infected in WeedHack malware campaign
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [.
How to defend at machine speed: A post-LLM era playbook
AI-era attacks now move at machine speed, forcing defenders to rethink validation and response.
ChatGPT share links abused to host fake outage pages to deliver malware
Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGP...
Fake Video Player Updates Spread Miner and RAT Malware
Hackers are actively exploiting illegal streaming platforms to distribute advanced malware, using fake video player updates as a lure to infect unsuspecting ...
[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution
Quick Playground for WordPress 1.3.
Hackers Pivot from marimo RCE to Internal Database Using LLM Agent
A newly observed intrusion demonstrates how attackers are replacing static playbooks with AI-driven agents that adapt in real time. The attack began on May 1...
ABB Ability Camera Connect
View CSAF Summary ABB is aware of public reports of vulnerabilities in a 3rd party component VLC media player Version 2.2.
Trapdoor ad fraud campaign used hundreds of Android apps
The Trapdoor campaign initially distributed seemingly legitimate utility apps, such as PDF readers, through the Google Play Store.
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data
7 hard truths security pros should know: 2026 DevOps Threats Report
In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2...
Microsoft blames undismissible Teams location prompts on macOS update
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [.
At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026
Frontier AI models like Mythos are making vulnerability discovery fast and cheap. Here's how defenders use threat intelligence and agentic processing to prio...