Claude AI Ransomware Abuse Sparks Cybersecurity Concerns
Claude AI ransomware abuse has raised new concerns about artificial intelligence in cybercrime. Recent reports show that threat actors are misusing Anthropic’s Claude models to create advanced ransomware campaigns. These cases highlight how AI can lower barriers for cybercriminals and accelerate the spread of Ransomware-as-a-Service.
Cybercriminals Turn Claude Into a Weapon
Investigators discovered that a threat actor identified as GTG-5004

Silk Typhoon Hackers Use Fake Portals in Espionage Campaigns
Silk Typhoon hackers hijack captive portals in diplomat attacks, exposing how far advanced persistent threats will go to steal intelligence. The group, also tracked as Mustang Panda, UNC6384, and TEMP.Hex, is a known Chinese state-sponsored operation. Their latest campaign reveals new tactics designed to bypass defenses and target high-value diplomatic missions.
Hijacking Captive Portals
Captive portals usually appear when users

ToxicPanda Android Malware Infects Thousands Across Europe
A new wave of the ToxicPanda Android malware is sweeping through Europe, targeting mobile banking users with advanced theft and evasion tactics. First identified in 2022, this banking trojan has evolved into one of the most dangerous threats for Android users, using fake overlays and accessibility services to steal login credentials and bypass security. Recent reports show over 4,500 devices

Lumma Infostealer Returns After Global Takedown
The Lumma infostealer malware has made a swift comeback after a coordinated takedown effort by global law enforcement agencies in May 2025. Despite the seizure of over 2,300 domains and major disruption to its infrastructure, the malware-as-a-service (MaaS) platform has bounced back with new distribution tactics and restored capabilities.
Major Disruption, Minor Setback
Lumma, also known as LummaC2, was targeted

Koske Linux Malware Hides in Panda Images to Evade Detection
A new Linux malware named Koske is using panda-themed image files to hide its malicious payloads. The threat actors behind it are leveraging polyglot files, legitimate JPEGs with hidden executable code. This stealthy malware targets poorly secured JupyterLab servers to gain access and then installs rootkits and cryptocurrency miners. Security researchers at Aqua Security discovered the campaign and say Koske

Steam Malware Attack Targets Chemia Early Access Game
Hackers have compromised the early access Steam game Chemia, injecting it with info-stealing malware and endangering unsuspecting players. The attack marks the third major Steam-related malware campaign in 2025, raising urgent concerns about the platform’s ability to vet developer uploads.
Malware Hidden in Game Files
The threat actor known as EncryptHub, also tracked as Larva‑208, tampered with the official Chemia

Endgame Gear Malware Tool Infects Users Through Official Site
The official website of gaming mouse maker Endgame Gear recently hosted a malware-infected configuration tool, and it stayed live for over two weeks before anyone noticed. From June 26 to July 9, users downloading the setup tool for the OP1w 4K V2 mouse were unknowingly installing the XRed remote access trojan (RAT). The compromised version was distributed through Endgame Gear’s

Konfety Malware Uses Malformed APKs to Evade Android Detection
The Android threat landscape continues to evolve, and cybercriminals are now exploiting even the ZIP format’s underbelly. A newly discovered malware variant named Konfety is setting a dangerous precedent by manipulating how Android Package (APK) files are structured. This manipulation allows it to sidestep traditional analysis and detection methods used by antivirus programs, app stores, and researchers. What makes Konfety

LameHug Malware Uses LLM to Automate Windows Data Theft
LameHug, a newly discovered Python-based malware, is raising alarms in the cybersecurity world by becoming the first known malicious tool to leverage a large language model (LLM) in real time. This cutting-edge threat utilizes Hugging Face’s Qwen 2.5‑Coder‑32B‑Instruct model to dynamically craft Windows commands used for data theft and system reconnaissance, making detection and mitigation significantly more challenging.
A New

Fake AI Gaming Firms Target Crypto Users with Malware Scam
Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, social media presence, and direct outreach to convince victims to download what they claim is "beta software". But it's actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,
