Category: Uncategorized

  • The Kill Chain Is Obsolete When Your AI Agent Is the Threat

    In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed.
    This incident is worrying, but there’s a scenario that should
  • FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

    The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing “unacceptable” risks to cyber and national security.
    The action was designed to safeguard Americans and the underlying communications networks the country relies on, FCC Chairman Brendan Carr said in a post on X. The development means that new models of
  • May 19 local Primary Election preview

    Free news: Local candidates and ballot measures for Oregon’s Primary Election, May 19.
  • TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

    TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor.
    Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on
  • Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR

    A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own vulnerable driver (BYOVD) technique.
    “The campaign abuses Google Ads to serve rogue ScreenConnect (
  • 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents

    On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position
  • Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

    Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data.
    The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below –

    react-performance-suite
    react-state-optimizer-core
    react-fast-utilsa
    ai-fast-auto-trader

  • The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

    Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands.
    These challenges do not
  • U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage

    A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.
    According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the
  • North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

    The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects.
    The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks