Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via ...

Dangerous new malware exploits WinRAR flaw - here's what we know

A Chinese state-sponsored actor was seen exploiting a WinRAR bug, soon after the Russians.
Dark Reading

Attackers Use Windows Screensavers to Drop Malware, RMM Tools

By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," ...

Moltbook, the viral social media site for AI bots, contains a ‘lethal trifecta’ for how the agent internet could fail, security researchers say

If toy agents on a Reddit clone can create this much chaos, what happens when agentic systems manage enterprise infrastructure or financial transactions?" ...
CSO Online

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Popular open-source coding application targeted in Chinese-linked supply-chain attack

A Chinese-linked cyberespionage group with a long history hijacked the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware to targeted users, ...
SecurityWeek

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

How AI and agentic AI are reshaping malware and malicious attacks, driving faster, stealthier, and more targeted ...
The Hacker News

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

Attackers breached eScan antivirus update infrastructure to push malicious updates, deploying persistent malware on ...