A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, essentially abusing the popularity and trust associated with the video hosting platform for propagating malicious payloads. Active since 2021, the network has published more than 3,000 malicious videos to date, with theRead More »3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed GlassWorm by Koi Security, is the second such supply chainRead More »Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack

Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job. “Some of these [companies’ are heavily involved in the unmanned aerial vehicle (UAV) sector, suggestingRead More »North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets

AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you’re in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you’re left trying to manage a growing web of AI agents you didn’t create, can’t fully see,Read More »Secure AI at Scale and Speed — Learn the Framework in this Free Webinar

Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show exactlyRead More »ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More