Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...

Cybersecurity firms CyberProof, Trend Micro, Sophos, and Kaspersky believe Maverick attacks WhatsApp web users by combining ...

Google appears to be working on a search tool for Play Store reviews, in addition to the filtering options it already has.

Threat actors, including those with ties to North Korea, are using AI-enabled malware that rewrites itself in real time to ...

The Gootloader malware scam, which was thought to have been disrupted and shut down in March 2025, has returned with both old ...

Google has discovered a new breed of AI-powered malware that uses large language models (LLMs) during execution to ...

The malware’s key component, known as the "Thinking Robot" module, periodically queries Gemini to obtain VBScript code ...

PROMPTFLUX: Experimental malware, a VBScript dropper with obfuscation, that abuses the Google Gemini API to dynamically rewrite its own source code. PROMPTLOCK: Another experimental strain of malware, ...

Further instances of the malware, which steals credentials and cryptocurrency, have appeared on Open VSX and aim to establish ...

Google has warned that AI-powered malware is circulating that is virulent and harder to detect than most malware. Here's why, ...

Google Threat Intelligence Group has found hackers are now using AI tools like Gemini to make malwares that can self write, evade detection ...