Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions. […]
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient.
“Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last week.
Kimwolf
“Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last week.
Kimwolf
Ledger customers impacted by third-party Global-e data breach
Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment processor Global-e. […]
CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries
With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws.
The post CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries appeared first on SecurityWeek.
Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome
As agentic AI adoption accelerates, identity is emerging as the primary security challenge. Token Security explains why AI agents behave like a new class of identity and why CISOs must manage their access, lifecycle, and risk. […]
NordVPN denies breach claims, says attackers have “dummy data”
NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained “dummy data” from a trial account on a third-party automated testing platform. […]
⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit.
This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,
This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,
Kimwolf Android Botnet Grows Through Residential Proxy Networks
The 2-million-device-strong botnet allows monetization through DDoS attacks, app installs, and the selling of proxy bandwidth.
The post Kimwolf Android Botnet Grows Through Residential Proxy Networks appeared first on SecurityWeek.
Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes
WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day.
The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes appeared first on SecurityWeek.
The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations
Featuring:
Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of architecture, trust, and execution speed.
This report examines how core areas of cybersecurity are evolving in