Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor

China-linked APT Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted cyber-espionage attacks in Türkiye, China, and India. Kaspersky researchers spotted the China-linked APT group Evasive Panda (aka Daggerfly, Bronze Highland, and StormBamboo) running a targeted cyber-espionage campaign using DNS poisoning to deliver the MgBot backdoor against victims in Türkiye, China, and […]

JD Vance Announces His 2028 Campaign of Unity: Antisemitism

Axios published a real piece of work this week on Vice President JD Vance’s 2028 strategy. The sourcing tells you everything: “Vance aides,” “outside Vance allies,” “Republicans close to Vance,” “person f…

Cryptographic Provenance of C2PA Ain’t Gonna Stop Deepfakes

Fortune just quoted ex-Palantir New York Assemblymember Alex Bores on deepfakes. He says fake faces made by AI are “a solvable problem” using the Coalition for Content Provenance and Authenticity (C2PA) standard that cryptographically signs…

Stolen LastPass backups enable crypto theft through 2025

Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still being cracked using weak master passwords, enabling crypto theft as late as 2025. In 2022, […]

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan; From Linear to Complex: An Upgrade in RansomHouse Encryption; Prince of Persia: A Decade of Iranian Nation-State APT Campaign […]

Can You Spot AI? The Redneck Problem in Synthetic Face Detection

When an outsider gets off a plane in Nepal for the first time, all the faces in the airport crowd blur together. A month later, they see Tibetans, Indians, Chinese, Nepalese. Mountain faces, valley faces. Nobody teaches the outsider what to look for. T…

LangChain core vulnerability allows prompt injection and data exposure

A critical flaw in LangChain Core could allow attackers to steal sensitive secrets and manipulate LLM responses via prompt injection. LangChain Core (langchain-core) is a key Python package in the LangChain ecosystem that provides core interfaces and model-agnostic tools for building LLM-based applications. A critical vulnerability, tracked as CVE-2025-68664 (CVSS score of 9.3), affects the […]