CSO Online

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Al Bawaba

Kaspersky identifies RenEngine loader distributed through pirated games and software

Kaspersky Threat Research has revealed its analysis of RenEngine, a malware loader that has recently gained public attention.
Security Boulevard

Attacker Breached 600 FortiGate Appliances in AI-Assisted Campaign: Amazon

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...