Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning
Cybercriminals are using SEO poisoning and fake Gemini and Claude installer sites to infect developers with fileless malware and steal data.
HackRead
20 articles
Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month
Anthropic says its Claude Mythos AI identified more than 10,000 software vulnerabilities in one month, including critical flaws in open-source code.
FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack
Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware.
Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime
Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion.
Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches
A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts.
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.
FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.
5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft.
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Bitdefender researchers reveal how cyberattackers are abusing the built-in Windows MSHTA utility to silently deploy loaders and infostealers.
Understanding Trend Structure: Higher Highs and Lower Lows Explained
Before indicators, before oscillators, before anything that requires a formula – the market communicates through price structure.
GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension
GitHub Breach: TeamPCP stole 3,800 internal repositories through a malicious VS Code extension and is now selling the data online for $95,000.
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours.
Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools
Disclosure: This article was provided by ANY.RUN.
Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks
Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud.
AI Agent Security: Automating Workflow Without Creating Prompt Injection or Data Leak Risks
AI agent security starts with a simple fact: the more authority an agent has, the tighter its access…
How Parts Inventory Management Software Fixes Inventory Challenges
Why do maintenance teams struggle? Is it because they lack skills?
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.