Skip to content
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator (aka “Co-Conspirator 1”) based in Florida, all U.S. nationals,Read More »U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. “Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate maliciousRead More »Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updatedRead More »Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

How Software Development Teams Can Securely and Ethically Deploy AI Tools

To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews. The post How Software Development Teams Can Securely and Ethically Deploy AI Tools appeared first on SecurityWeek.

CISO Burnout – Epidemic, Endemic, or Simply Inevitable?

CISO burnout is increasing. Are we simply more aware of the condition? Or have demands on the CISO grown and burnout is now the inevitable result?  The post CISO Burnout – Epidemic, Endemic, or Simply Inevitable? appeared first on SecurityWeek.

Claude AI APIs Can Be Abused for Data Exfiltration

An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek.

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is saidRead More »Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks cameRead More »⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Copyright © 2026 infosecintel.net