This week’s ThreatsDay Bulletin covers spyware-laced game cheats, fake installers, infostealer, ransomware, phishing kits, ...
DoorDash is opening a limited beta of dd-cli, a command-line tool that lets developers and AI agents search stores, build carts, and place orders from the terminal, marking another step toward ...
An exposed attack server led Lexfo to three Microsoft 365 phishing operations using Evilginx and device code abuse to capture ...
A new scratchpad console, additional customization options, and improved accessibility are now available for Jupyter users.
With the ability to take control of distributed devices at scale, HalluSquatting has the potential to achieve various ...
AI agents such as OpenClaw are turning developer workstations into always-on edge servers. We test whether the Dell Pro Max ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram forks that allow attackers to read arbitrary files on compromised servers. At ...
SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for C2. Malware has learned a new trick: manipulating the AI tools security ...
A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather than the sandbox analyzing it. SentinelLabs, the research arm of ...
CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be orchestrated more flexibly with Kestra.