BlackSanta Malware Is Silently Targeting HR Departments
Hiring managers open files from strangers every single day. That routine habit is exactly what a Russian-speaking threat actor has been exploiting for more than a year. Cybersecurity researchers at Aryaka recently uncovered the BlackSanta malware campaign: a sophisticated operation that disables endpoint security tools at the kernel level before the victim notices anything wrong. The campaign ran largely undetected
InstallFix Attacks Spread Infostealers via Fake Claude Code Guides
Cybercriminals have launched a new campaign using InstallFix attacks to distribute information-stealing malware through fake Claude Code installation guides. The operation targets developers searching for instructions to install Anthropic’s Claude Code CLI. Instead of legitimate documentation, victims land on convincing clone pages that contain malicious terminal commands. Security researchers discovered that these pages replicate official documentation almost perfectly. However, the
Star Citizen Data Breach Exposes User Data
Star Citizen data breach disclosures have raised concerns about how game developers secure user information stored in backup systems. Cloud Imperium Games confirmed that attackers accessed part of its infrastructure in January 2026, exposing certain account details linked to player profiles. The company stated that no passwords or payment information were compromised, but the incident still highlights the risks tied
QuickLens Chrome Extension Steals Crypto in ClickFix Attack
A routine browser update can quickly turn into a security disaster. That is exactly what happened when the QuickLens Chrome extension received a malicious update that transformed it into a crypto-stealing tool. The QuickLens Chrome extension originally offered Google Lens-style search features and gained around 7,000 users in the Chrome Web Store. After a change in ownership, version 5.8 introduced
Arkanix Stealer Emerges as AI-Built Malware Test
Arkanix Stealer appeared suddenly on underground forums and disappeared almost as quickly. Security researchers describe it as a short-lived infostealer that likely relied on AI-assisted development techniques. Although the campaign did not last long, Arkanix Stealer highlights how rapidly cybercriminals can now build and test new malware strains. Researchers first observed the malware being promoted through dark web channels, complete
Advantest Ransomware Attack Disrupts Chip Supply Chain
Advantest ransomware attack news has raised fresh concerns across the semiconductor sector after the Japanese technology giant confirmed a cyber intrusion into its corporate network. The company detected suspicious activity on February 15 and immediately activated its incident response protocols to contain the threat and protect critical systems. Advantest later confirmed that attackers gained unauthorized access and deployed ransomware on
PromptSpy Android Malware Uses Generative AI at Runtime
PromptSpy Android malware has introduced a new chapter in mobile cyber threats by integrating generative AI directly into its runtime operations. Security researchers recently identified it as the first known Android malware to actively communicate with a large language model while executing on an infected device. This shift moves AI from being a supporting tool for attackers into the core
AMOS Infostealer Exploits AI Trust to Target macOS Users
A growing malware campaign is targeting macOS users by abusing the popularity of artificial intelligence tools and online search results. The threat centers on AMOS, short for Atomic macOS Stealer, an infostealer designed to harvest sensitive data from Apple systems. Instead of relying on traditional phishing emails or software cracks, attackers are now embedding malware within seemingly helpful AI-related content
Malware in Coding Challenges Targets Developers Seeking Jobs
Cybercriminals are embedding malware in coding challenges and sending them to developers through fake recruitment campaigns. What looks like a standard technical interview task is, in reality, a carefully constructed infection chain designed to compromise machines and steal sensitive data. Security researchers say this campaign has operated for months and continues to evolve. Instead of relying on obvious phishing emails
Malicious 7-Zip Installer Turns PCs Into Proxy Nodes
Cybercriminals are abusing trust in popular software to spread malware at scale. The malicious 7-Zip installer campaign shows how a simple download mistake can quietly turn a personal computer into part of a criminal proxy network. Instead of delivering only the legitimate compression tool, attackers bundled hidden components that operate in the background and grant remote operators control over internet
