The Hacker News

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025–2026.

CyberStrikeAI tool adopted by hackers for AI-powered attacks

Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Why encrypted backups may fail in an AI-driven ransomware era

Think your encrypted backups are safe? AI-driven ransomware now infiltrates networks, corrupts recovery points, and silently ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...