The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...

Researchers at Google have discovered that hackers are creating malware that can harness the power of AI during its execution ...

Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.

Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.

We're quickly entering an era of more sophisticated malware strains evading common antivirus protections, with threat actors taking advantage of powerful large language models (LLMs) that pose ...

Google’s Threat Intelligence Group reports that new malware strains use LLMs mid-execution to generate, rewrite, and ...

PROMPTFLUX: Experimental malware, a VBScript dropper with obfuscation, that abuses the Google Gemini API to dynamically rewrite its own source code. PROMPTLOCK: Another experimental strain of malware, ...

A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a QR code as part of its obfuscation strategy, ultimately aiming to steal ...

Google has discovered a new breed of AI-powered malware that uses large language models (LLMs) during execution to ...

Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...