Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
PCMag

Hackers Still Exploiting WinRAR Flaw Even Though Fix Was Released 6 Months Ago

WinRAR doesn't have an auto-update function, meaning PCs are vulnerable until you manually update. The bug is still being widely exploited, Google security researchers warn.

This dangerous APT has expanded its skills with some new tools - here's what we know

Originally, CoolClient was able to profile and gather system and user details, and record keystrokes. It allowed Mustang panda to upload and delete files, run TCP tunneling and reverse-prosy listening ...
MIT Technology Review

Rules fail at the prompt, succeed at the boundary

Put rules at the capability boundary: Use policy engines, identity systems, and tool permissions to determine what the agent ...

Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized ...

Secret US cyber operations shielded 2024 election from foreign trolls, but now the Trump admin has gutted protections

Weeks before the 2024 election, American military hackers carried out a secret operation to disrupt the work of Russian trolls spewing false information at US voters.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
SecurityWeek

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.