RECON

New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows

OpenAI commits $7.5M to The Alignment Project to fund independent AI alignment research, strengthening global efforts to address AGI safety and security risks.

A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow

Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw

Fraud campaign exploiting Indonesia’s Coretax resulted in $1.5m to $2m in losses via malicious apps

Adapt, Protect, and Extend: How Partners Can Help Orgs Unlock ROI from AI

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched

Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can shop or sell without headaches.

Key findings  Proofpoint observed a new malware-as-a-service (MaaS) masquerading as a legitimate remote monitoring and management (RMM) tool. It calls itself TrustConnect.   The “business page” – clearly created by automated tooling of some kind– is actually the login for the MaaS. As of this writing, access was advertised at $300 per month.  Based on details of the malware creator, capabilities of the malware, and knowledge of the ecosystem, we assess with moderate confidence the threat acto...

Surgeries Canceled, Clinics Closed After University of Mississippi Medical Center Suffers Ransomware Attack    Mississippi Free Press

PromptSpy Android malware may exploit Gemini AI    Computer Weekly

Singapore mounts multi-agency defense of telcos against APT actor UNC3886    Frontier Enterprise