MongoDB Ransomware Attacks: Exposed Databases Wiped and Held for Bitcoin

Note displaying 0.005 BTC on a cluttered workstation with cables.

MongoDB instances exposed directly to the internet are once again being hit by automated ransomware campaigns. Attackers are systematically scanning the internet for misconfigured servers, erasing the data they contain and leaving ransom notes that promise “recovery” of the deleted databases in exchange for cryptocurrency. Mass ransomware attacks on exposed MongoDB databases According to recent …

Chat & Ask AI Data Breach: Firebase Misconfiguration Exposes Millions of Private AI Chats

A locked phone on a cluttered desk with notes and a looming figure in the background.

A large-scale data exposure incident has hit Chat & Ask AI, a popular generative AI application with around 50 million users worldwide. Due to a misconfigured Firebase cloud database, hundreds of millions of private conversations between users and AI chatbots were left accessible to anyone who knew where to look, including highly sensitive and potentially …

Critical OpenClaw RCE Vulnerability and Moltbook Data Exposure Expose AI Agent Security Risks

Two tech professionals in high-rise buildings network, overlooking a cityscape at dusk.

Two recent security incidents involving the OpenClaw AI agent platform (previously known as ClawdBot and Moltbot) and its companion service Moltbook demonstrate how quickly rapidly developed AI tools can become high‑value attack surfaces. Researchers have disclosed a one‑click remote code execution (RCE) chain in OpenClaw and a publicly exposed Moltbook database containing secret API keys, …

Microsoft to Disable NTLM by Default in Windows: Enterprise Authentication Enters a New Era

Explosive scene featuring a massive NTLM lock and hooded figures in a tech-themed setting.

Microsoft has announced a fundamental change in Windows authentication: in upcoming client and server releases, the NTLM (New Technology LAN Manager) protocol will be disabled by default. This decision directly impacts corporate networks worldwide and reflects the long history of NTLM weaknesses and its central role in modern lateral-movement and credential-theft attacks. Why Microsoft Is …

Notepad++ Supply Chain Attack: What Happened and How to Protect Software Updates

Panda toy with headphones balances against a notepad on scale, man observing.

In 2025, the popular text editor Notepad++ became the target of a sophisticated software supply chain attack. Attackers did not breach the application’s source code. Instead, they compromised the infrastructure of a former hosting provider for notepad-plus-plus.org and abused the update delivery mechanism to distribute malicious installers to selected users. On 2 February 2026, Notepad++ …

New ClickFix Campaign Uses Fake CAPTCHA, App‑V and PNG Steganography to Deploy Amatera Infostealer

Close-up of a finger poised over a "Run" key on a keyboard with cables and papers.

Researchers at BlackPoint Cyber have documented a technically sophisticated malware campaign that combines ClickFix social engineering, a fake CAPTCHA page and abuse of Microsoft Application Virtualization (App‑V) to deliver the Amatera infostealer. The operation exemplifies a “living off the land” approach, in which attackers rely on trusted system components and popular cloud services to evade …

Ex-Google Engineer Convicted for Stealing AI Infrastructure Trade Secrets for China

Man holds a laptop and flash drive against a backdrop of justice and cityscapes.

A US federal jury has convicted former Google engineer Linwei (Leon) Ding of stealing confidential information about Google’s artificial intelligence (AI) infrastructure and channeling it to entities linked to the People’s Republic of China. The case has quickly become a landmark example of economic espionage targeting high-performance computing and AI platforms, underscoring how damaging a …

AI Toys and Children’s Privacy: Lessons from the Bondu Chatbot Data Breach

Colorful plush toys inside a padlock amidst a surreal data breach scene.

AI-powered toys promise personalized learning and engaging conversations, but the recent Bondu AI toy data breach shows how quickly that convenience can turn into a serious privacy incident. Due to a simple yet critical access-control error in Bondu’s web portal, anyone with a Gmail account could access thousands of children’s conversations with the toy and …

Android Banking Trojan Uses Hugging Face Infrastructure to Deliver Stealthy Malware

Android figure in chains with a hacker using a phone and laptop in a cyberpunk landscape.

Security researchers at Bitdefender have uncovered a large-scale Android malware campaign that abuses the trusted AI platform Hugging Face to host and distribute malicious APK files. The attackers deploy a fake security application called TrustBastion to install a powerful Android remote access trojan (RAT) designed to steal credentials from banking, payment, and other financial services. …

Match Group Data Breach: Okta SSO Compromise Puts Major Dating Apps Under Scrutiny

Hacker and analyst discuss a serious security breach involving user data.

Match Group, the owner of popular dating platforms such as Tinder, Match, Meetic, OkCupid and Hinge, has disclosed a cybersecurity incident after the hacking group ShinyHunters published an archive of around 1.7 GB. The attackers claim access to approximately 10 million user records from Hinge, Match and OkCupid, alongside hundreds of internal corporate documents. The …