Tools

Threat actor c00lssh advertises bulletproof VPS/RDP hosting services starting at $5.

Malicious .pth file discovered in litellm v1.82.8 PyPI package executes on Python startup.

Anthropic's Claude Mythos AI model discovers thousands of zero-day vulnerabilities across major systems.

Grafana patches AI vulnerability allowing data exfiltration via malicious web instructions.

Anthropic launches Project Glasswing consortium with 45+ orgs to test Claude Mythos Preview's cybersecurity

Anthropic unveils Claude Mythos, a frontier AI model that identifies thousands of zero-day vulnerabilities but risks

Tech giants launch Project Glasswing, an AI initiative to identify critical software vulnerabilities before malicious

Fortinet releases emergency patch for FortiClient authentication bypass zero-day CVE-2026-35616.

CVE-2026-35616 FortiClient EMS pre-auth API bypass actively exploited in the wild.

ILSpy WordPress domain compromised to deliver malware instead of legitimate tool.

Threat actor JINKUSU sells EvilNote malware source code for $500 on underground forum.

NFC RIPPER Android toolkit advertised for NFC relay attacks on payment terminals and ATMs.

SentinelOne's AI-powered EDR detected Axios NPM supply chain attack within 89 seconds of suspected North Korean

Elastic Security Labs open-sources AI-powered supply chain monitoring tool that detected Axios npm compromise.

CrystalRAT malware-as-a-service emerges on Telegram with RAT, stealer, and prankware capabilities.

WordPress ecosystem plugins patched for multiple medium/critical vulnerabilities in March 2026.

AI pipeline automatically reverse-engineers malware, uncovers Monero mining campaign earning $9K+ since 2023.

Anthropic accidentally leaks 512,000 lines of Claude AI source code via npm package.

Sigma detection rules published for Axios npm package compromise incident.

Threat actors increasingly abuse legitimate tools and native binaries to evade detection in 84% of high-severity

Google patches fourth Chrome zero-day (CVE-2026-5281) exploited in active attacks in 2026.

Malware sample disguised as BlueBeam Revu installer uploaded to Bazaar.

Anthropic accidentally leaked Claude Code source code via NPM package due to misconfigured build artifact.

GIGABYTE Control Center vulnerable to critical arbitrary file-write flaw enabling remote code execution.

Claude AI discovers RCE vulnerabilities in Vim and GNU Emacs triggered by file open.

Elastic releases detection rules for Axios npm package supply chain compromise

NetScan cybercrime tool advertised on darknet forum for vulnerability scanning and API key harvesting.

Apple blocks ClickFix attacks in macOS Tahoe 26.4 with Terminal paste warnings.

LLMs can generate syntactically valid but semantically flawed access control policies, quietly expanding organizational

NCSC urges UK organizations to mitigate recategorized F5 BIG-IP Access Policy Manager vulnerability.

Threat actor selling MailPro, an AI-enabled email campaign management tool for spam and phishing.

Open VSX bug allows malicious VS Code extensions to bypass pre-publish security scans.

Sucuri blog details web shell threats, types, and mitigation strategies for compromised web servers.

Logs Guru v1.4 utility tool advertised on cybercrime forum for processing stolen credentials.

Google announces Post-Quantum Cryptography integration in Android 17 with ML-DSA signatures.

GitHub releases 294,000+ unreviewed security advisories as searchable dataset.

Unit 42 reveals LLM guardrail fragility using genetic algorithm prompt fuzzing across open and closed models.

Researchers develop genetic algorithm-based prompt fuzzing to test LLM guardrail robustness.

Researcher discloses voltage glitching exploit against Xbox One boot ROM.

Microsoft releases emergency KB5085516 update to fix Microsoft account sign-in regression after March Patch Tuesday.