WeLiveSecurity

PromptSpy ushers in the era of Android threats using GenAI

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.

PromptSpy is the first known Android malware to use generative AI at runtime

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini ...

Fake CAPTCHA attacks exploded by 563% last year: How to spot them and stay safe online

You might not think of a CAPTCHA check as a cybercrime lure, but if you fall prey to one, you may become infected with malware. Learn how to spot them with our guide.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

AI chatbots with web browsing can be abused as malware relays

Check Point Research shows browsing-enabled AI chat can act as a malware relay, moving commands and data through normal-looking traffic. Microsoft urges defense-in-depth, while defenders may need ...
CNET

OpenAI and Google Take Steps to Avoid Abusive AI Imagery After Grok Scandal

When asked about any further steps the company is taking to prevent AI-enabled abuse, Google pointed CNET to its generative AI prohibited use policy. Google's policy, like many other tech companies' ...