Darksword: iPhone exploit kit serves spies and thieves alike
DarkSword shows how advanced iPhone exploit chains can power both surveillance and theft, with targeted victims reported in four countries.
Five malicious Rust crates target CI/CD secrets through fake time utilities
Five malicious Rust crates on crates.io reportedly stole .env secrets from developer and CI/CD environments, raising supply-chain risk.
Hive0163’s Slopoly malware shows how AI can speed up ransomware operations
Reported Slopoly activity linked to Hive0163 suggests AI may be helping ransomware crews build persistence malware faster and cheaper.
Nine CrackArmor flaws in Linux AppArmor raise root escalation and container escape concerns
Qualys says nine AppArmor flaws can let unprivileged users gain root and weaken container isolation on affected Linux systems.
GlassWorm supply-chain attack abuses 72 Open VSX extensions to target developers
Researchers say GlassWorm abused 72 Open VSX extensions and dependency metadata, raising the stakes for developer-focused supply-chain attacks.
Weekly recap: Chrome 0-days, router botnets, AWS breach, rogue AI agents and more
This week’s security stories point to one trend: attackers are exploiting trusted browsers, routers, cloud identities, and AI workflows.
Ai flaws in Amazon Bedrock, LangSmith, and SGLang expose a DNS exfiltration blind spot
BeyondTrust’s reported DNS exfiltration technique shows how AI code sandboxes can leak secrets and support command channels.
Google adds 24-hour wait for unverified app sideloading to reduce malware and scams
Google’s new 24-hour delay for unverified Android sideloading aims to disrupt scam-driven installs, but it also adds friction for legitimate developer
Claudy Day trio of flaws exposes Claude users to data theft
A reported Claude attack chain shows how prompt injection and weak tool controls can turn a simple web search into enterprise data theft.
Police Scotland fined after sharing victim’s phone data
Police Scotland was fined after sharing a victim’s full phone contents with her alleged attacker, exposing major failures in digital evidence handling
Europe sanctions Chinese and Iranian firms for cyberattacks
The EU has sanctioned Chinese and Iranian entities over cyberattacks on critical infrastructure, signaling a harder line on state-linked operations.
GlassWorm hits 400+ code repos across GitHub, npm, VS Code, and OpenVSX
GlassWorm’s latest supply-chain campaign reportedly hit 400+ GitHub, npm, VS Code, and OpenVSX artifacts, raising major risks for developers.