Skip to content
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. “Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands – making it particularly effective againstRead More »ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Possible New Result in Quantum Factorization

I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers with a quantum computer.

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo’s LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry BearRead More »DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated in Android 17 Beta 2, was first reported by Android Authority last week. AAPM was introduced by Google in AndroidRead More »Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

Loblaw Data Breach Impacts Customer Information

Personal information such as names, email addresses, and phone numbers was accessed by hackers. The post Loblaw Data Breach Impacts Customer Information appeared first on SecurityWeek.

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform’s “inherently weak default securityRead More »OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM GMT on Thursday, March 19, 2026. I’m speaking at RSAC 2026 in San Francisco, California, USA, on Wednesday, March 25,Read More »Upcoming Speaking Engagements

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a “significant escalation” in how it propagates through the Open VSX registry. “Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and extensionDependencies to turn initiallyRead More »GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Copyright © 2026 infosecintel.net