Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.

A new attempt to influence AI-driven security scanners has been identified in a malicious npm package. The package, eslint-plugin-unicorn-ts-2 version 1.2.1, appeared to be a TypeScript variant of the ...

A coordinated cyber campaign using artificial intelligence to disguise malicious code is targeting researchers, developers ...

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...

Ever wonder what malware macOS can detect and remove without help from third-party software? Apple continuously adds new malware detection rules to Mac’s built-in XProtect suite. While most rule names ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

Fake Windows updates deliver advanced malware hidden inside encrypted PNG images Hackers trick victims with update screens that secretly execute malicious commands Stego Loader reconstructs dangerous ...

The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical guardrails selling on Telegram for $50 monthly ...

The cloud giant has stopped more than 1,800 suspected scammers from the Democratic People's Republic of Korea (DPRK, aka ...