AI-Invoking Malware: The Evolution of Cyber Threats Security company Wiz is noting that cyber attackers are rapidly evolving and are now embedding artificial intelligence directly into malware payloads. This marks a significant departure from using AI ... AI security cybersecurity LLM malware ransomware supply chain threat detection
How Attackers Exploited ViewState Deserialization to Breach Sitecore Deployments A sophisticated cyber campaign has targeted organizations running Sitecore products, exploiting a critical zero-day flaw ( CVE-2025-53690 ). Attackers gained remote code execution by abusing exposed A... cybersecurity deserialization incident response malware remote code execution Sitecore ViewState zero-day
Shai-Hulud: The First Self-Propagating npm Supply Chain Worm In September 2025, the JavaScript community experienced a watershed moment: the Shai-Hulud worm swept through npm, infecting over 100 popular packages. This attack was not just another instance of mal... DevSecOps GitHub incident response JavaScript malware npm security supply chain
How North Korean Hackers Use GitHub for Stealthy Espionage Campaigns Security researchers at Trellix recently exposed a covert cyber-espionage campaign linked to the Democratic People’s Republic of Korea (DPRK). This operation stands out for its use of GitHub as a comm... command and control cybersecurity DPRK espionage GitHub malware threat intelligence
Chrome Zero-Day Attack: How TaxOff Used CVE-2025-2783 for Advanced Espionage Cyber threats are evolving at breakneck speed, and the recent Chrome zero-day attack orchestrated by the TaxOff group is a striking example. This incident demonstrates how swiftly attackers can weapon... chrome cyber espionage malware phishing TaxOff threat intelligence Trinper zero-day