ACR Stealer campaigns use ClickFix lures, JPEG steganography, and WebDAV to steal browser tokens, passwords, PDFs, and synced ...
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices ...
QR code phishing – also known as quishing – has reached record levels in ESET telemetry. ESET analyzed nearly 900,000 AI ...
Threat researchers at cloud security firm Sysdig have disclosed what they describe as the first documented ransomware operation carried out end-to-end by an autonomous AI agent, with no human typing ...
One compromised agent could take over every other agent in that project ...
Discover how the Rogue Agent vulnerability in Google Dialogflow CX enabled persistent AI agent compromise, data exfiltration, ...
Cloud security firm Sysdig has documented what it says is the first ransomware attack carried out from initial exploitation through encryption by an autonomous AI agent, without a human directing each ...
Ethereum gossipsub vulnerability CVE-2026-34219 lets any unauthenticated peer crash a validator with a single crafted PRUNE ...
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...