Chinese Hackers Use Anthropic AI to Launch Automated Cyber Espionage Campaign

State-sponsored threat actors from China leveraged artificial intelligence technology developed by Anthropic to carry out automated cyber intrusions as part of a highly sophisticated espionage campaign observed in mid-September 2025, the company has revealed. In a report detailing the activity, Anthropic said the attackers abused the agentic capabilities of its AI systems in a way…


Trust Wallet Chrome Extension Hack Linked to Shai-Hulud Supply Chain Attack, $8.5M Stolen

Trust Wallet has disclosed that a supply chain attack associated with the Shai-Hulud campaign was behind the recent compromise of its Google Chrome browser extension, an incident that resulted in the theft of approximately $8.5 million in cryptocurrency assets. In a post-mortem released Tuesday, the company said the attack stemmed from the exposure of internal…


The Evolution of UTA0388 Espionage Malware: From HealthKick Backdoor to GOVERSHELL APT

Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign attributed to a China-aligned threat actor tracked as UTA0388, which has been actively targeting organizations across North America, Europe, and Asia. The campaign relies on highly targeted spear-phishing attacks designed to deploy a custom Go-based backdoor known as GOVERSHELL. Unlike mass phishing operations, these attacks demonstrate…


Qilin Ransomware Exploits South Korean MSP Breach in 28-Victim “Korean Leaks” Cyberattack

South Korea’s financial industry has come under intense cyber pressure following the discovery of a large-scale ransomware campaign linked to the Qilin ransomware operation. Security researchers say the attacks were not isolated incidents but part of a coordinated supply chain compromise that enabled threat actors to infiltrate multiple organizations simultaneously. Unlike traditional ransomware intrusions, this…


GeoServer XXE Security Flaw Under Active Attack, According to CISA KEV Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning after identifying active exploitation of a serious vulnerability affecting OSGeo GeoServer, a widely used open-source geospatial server platform. The flaw has now been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling elevated risk for organizations that rely on the software…
