Bleeping Computer

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. Researchers at cybersecurity ...
WinBuzzer

New Databricks KARL RAG Agent Promises 33% Cost Reduction vs. Claude Opus 4.6

Databricks has released KARL, an RL-trained RAG agent that it says handles all six enterprise search categories at 33% lower ...
Dark Reading

'InstallFix' Attacks Spread Fake Claude Code Sites

The cyberattacks blend malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces.

Salt Typhoon is hacking the world’s phone and internet giants — here’s everywhere that’s been hit

Salt Typhoon is by far one of the most prolific hacking groups in recent years, breaching some of the top American phone ...

This Scam Impersonates the Official Claude Code Website to Spread Malware

Scammers are using cloned versions of popular AI coding tools to spread info-stealing malware through fake installation ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Security Boulevard

The Developer’s Practical Guide to Passwordless Authentication in 2026

Why Passwords Are Still a Developer's Problem in 2026. The case against password-based authentication is well-established in the IAM community, but the practical implications for ...
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

Databricks built a RAG agent it says can handle every kind of enterprise search

Databricks' KARL agent uses reinforcement learning to generalize across six enterprise search behaviors — the problem that breaks most RAG pipelines.
Hackaday

Trying A Vibe-Coded Operating System

If you were to read the README of the Vib-OS project on GitHub, you’d see it advertised as a Unix-like OS that was written from scratch, runs on ARM64 and x86_64, and comes with a full GUI, ...