IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI ...

Security researchers at Point Wild have disclosed a new Windows malware campaign that uses a multi-stage infection chain to establish persistent, memory-resident access on compromised systems and ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

ChatGPT's new Lockdown Mode can stop prompt injection - here's how it works ...

Microsoft has implemented and continues to deploy mitigations against prompt injection attacks in Copilot, the company announced last week. Spammers were using the "Summarize with AI" type of buttons ...

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.

OpenAI launches Lockdown Mode and Elevated Risk warnings to protect ChatGPT against prompt-injection attacks and reduce data-exfiltration risks.

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.

Christina Majaski writes and edits finance, credit cards, and travel content. She has 14+ years of experience with print and digital publications. Robert Kelly is managing director of XTS Energy LLC, ...

Brian Beers is a digital editor, writer, Emmy-nominated producer, and content expert with 15+ years of experience writing about corporate finance & accounting, fundamental analysis, and investing.