Cyber News & Articles

A Russian hacker accused of helping ransomware gangs break into businesses across the United States is set to plead guilty, according to recently filed federal court documents.

25-year-old Aleksey Olegovich Volkov worked as an “initial access broker”, a cybercriminal specialist who focuses on the earliest stage of an attack: gaining the first foothold inside a victim’s network.

Read more in my article on the Hot for Security blog.

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud.
The company said it has built Private AI Compute to “unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.
The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of initial infection.
“

In episode 76 of The AI Fix, two US federal judges blame AI for imaginary case law, a Chinese “humanoid” dramatically sheds its skin onstage, Toyota unveils a crabby walking chair creeps us out, Google plans AI chips in orbit, robot dogs get jobs at Sellafield, and AI writes cruise-ship gags from the 1950s (but a little less racist.)

Plus: Graham gives all his credit card numbers away in an attempt to buy AI-generated jokes, and Mark asks a terrifying question: if you make an LLM “notice its noticing,” does it start sounding… conscious?

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations.
Download the full CISO’s expert guide to AI Supply chain attacks here. 
TL;DR

AI-enabled supply chain attacks are exploding in scale and sophistication – Malicious package uploads to open-source repositories jumped 156% in

Cybersecurity researchers have discovered a malicious npm package named “@acitons/artifact” that typosquats the legitimate “@actions/artifact” package with the intent to target GitHub-owned repositories.
“We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish

Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that’s sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.
According to its seller, the malware enables device control and espionage, allowing threat actors to collect SMS messages, contacts, call logs, images, and videos, as well as intercept, reply,

Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform.
The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. 
The

The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control.
“Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs,” the Genians