North Korean Hackers Weaponize Google Gemini in Advanced AI-Driven Cyber Operations

Military officer monitors urban skyline with North Korean flag and iconic tower.

Generative AI is rapidly shifting from a productivity tool to a powerful asset in the hands of cybercriminals. According to a report from the Google Threat Intelligence Group (GTIG), the North Korean-linked threat actor UNC2970—overlapping with the well-known Lazarus Group, Diamond Sleet and Hidden Cobra clusters—has begun actively abusing the Google Gemini model to support … Read more

Advanced Supply Chain Attacks on npm and PyPI: Lazarus‑Linked graphalgo Campaign and New Malware Waves

Hacker working at a computer amid cryptocurrency symbols and messages.

Open source ecosystems npm and PyPI have again become high‑value targets in a coordinated software supply chain attack. Cybersecurity researchers have linked a new campaign, dubbed graphalgo, to the North Korea‑aligned Lazarus APT group. By combining fake blockchain job offers, realistic coding tests and staged malicious package updates, the attackers aim to compromise developers, exfiltrate … Read more

Continuous Threat Exposure Management (CTEM): The New Divide in Enterprise Cybersecurity

Visual representation of the growing security divide in cybersecurity statistics.

A recent 2026 market study of 128 senior security decision‑makers reveals a clear split between enterprises that have adopted Continuous Threat Exposure Management (CTEM) and those that still rely on traditional, fragmented security practices. The divide is not primarily about budget or industry. It is driven by whether an organization has implemented a continuous, risk‑based … Read more

AI-Generated Passwords Are Not Secure: New Research Exposes LLM Password Weaknesses

High-tech cityscape with hackers viewing screens as a skull image illuminates the building.

Large language models such as ChatGPT, Claude and Gemini are increasingly being used not only for text generation, but also for creating passwords and API secrets. At first glance, these AI-generated passwords look strong: they are long, contain upper- and lowercase letters, digits and special characters. However, new research by the company Irregular demonstrates that … Read more

Google Chrome Zero-Day CVE-2026-2441: What You Need to Know About the Latest Critical Browser Vulnerability

Aerial view of Google campus with a warning symbol and smoke rising from a central area.

Google has released an out-of-band Chrome security update to fix CVE-2026-2441, the first publicly known Chrome zero-day vulnerability of 2026. The company has confirmed that the flaw is already being exploited in real-world attacks with a working exploit, which elevates the issue to a high‑priority risk for both individual users and organizations. Chrome zero-day CVE-2026-2441: … Read more

Microsoft 365 Copilot Bug Bypasses DLP and Sensitivity Labels for Confidential Emails

Split scene showing a productive figure with office apps and a sinister hacker with confidential documents.

A recently identified bug in the corporate version of Microsoft 365 Copilot allowed the AI assistant to read and summarize confidential emails, even when Data Loss Prevention (DLP) policies and sensitivity labels should have blocked such access. The incident highlights a growing class of risks where AI services embedded in office platforms interact incorrectly with … Read more

Mamont Android Banking Trojan Uses Fake Telegram Accelerator to Target Users

Aerial view of a city with visual links to digital communication and technology.

A new malicious campaign involving the Mamont Android banking trojan is actively targeting users, exploiting fake “Telegram accelerator” apps to compromise devices and steal money. According to researchers, this wave of attacks began in mid-February and has already affected thousands of users who installed the infected APK outside of Google Play. How attackers spread the Mamont … Read more

Odido Data Breach 2026: 6.2 Million Dutch Telecom Customers Exposed in Major Cyber Attack

Cybersecurity team responding to a dramatic data breach amid chaos and flames.

One of the Netherlands’ largest telecom providers, Odido—formed in 2023 on the basis of T-Mobile Netherlands and Tele2 Netherlands—has disclosed a major data breach affecting approximately 6.2 million customers. The incident, detected on 7 February 2026, is already being viewed as one of the most significant data leaks in the European telecom sector in recent … Read more

PromptSpy: AI-Powered Android Malware Uses Google Gemini for Stealth and Persistence

Futuristic scene with characters engaged in technology and an AI figure in the background.

ESET researchers have documented PromptSpy, a new Android malware family that stands out as the first publicly known mobile threat to directly invoke a generative AI model during runtime. By integrating the cloud-based Google Gemini API, the malware adapts to different Android user interfaces, strengthens its persistence, and significantly complicates detection and removal. From VNCSpy … Read more