The Hacker News

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft uncovered 150+ AI-assisted cryptojacking domains using fake software downloads to deploy persistent malware.
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Merck and Mastercard are seeing real agentic AI results. Both say the plumbing came first.

Merck cut a drug discovery cycle by 33% and ships compliant marketing 80% faster. Mastercard is rethinking fraud disputes.
thearabianpost

Outdated BIG-IP devices expose Linux networks

Hackers are exploiting unsupported F5 BIG-IP appliances to gain SSH access to enterprise Linux systems, turning trusted edge infrastructure into entry points for deeper attacks on identity systems and ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Can you enforce strong Active Directory password rules without frustrating users?

Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, ...

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass ...
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...

Who is TeamPCP, the rising hacker group targeting open-source software and AI tools?

TeamPCP is an increasingly notorious group of cybercriminals that carry out software supply chain attacks, where hundreds of ...