ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

New research reveals that AI agents—like OpenClaw—are exposing thousands of systems to hackers, posing notable security risks ...

Attackers are abusing a modified Android NFC app to steal payment card data and PINs for contactless fraud and ATM cash-outs.

Cybersecurity researchers have found out the known Android malware, NGate, is now abusing a legitimate payment app via NFC.

Hack-for-hire groups target iPhone and Android users using phishing attacks, exposing data and highlighting a growing trend ...

Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. Li is a reputable researcher who over the past two decades has worked at ...

Security researchers say they have identified a hack-for-hire group targeting journalists, activists, and government officials across the Middle East and North Africa. The hackers used phishing ...

Threat actors have found a way to inject arbitrary JavaScript into the Flowise low-code platform for building custom LLM and agentic systems. The code injection was possible due to a design oversight, ...

The group is using zero-days, quickly weaponizes fresh bugs, and exfiltrates and encrypts data within days of initial access. The Medusa ransomware group has been operating at a fast pace, seizing ...

Apple today released a new build of iOS 18.7.7 and iPadOS 18.7.7, presumably with a fix for the DarkSword exploit. Apple told Wired that it would release an iOS 18 update for more devices, allowing ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. An autonomous agent found, analyzed and exploited a FreeBSD kernel vulnerability in four ...