Blog – Page 98 – Cyber Mike

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group.
The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It’s assessed to be active since May 2025.
“

How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development

Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable.

The post How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development appeared first on SecurityWeek.

AMOS infostealer targets macOS through a popular AI app

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. […]

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information. […]

ApolloMD Data Breach Impacts 626,000 Individuals

The company says hackers stole the personal information of patients of affiliated physicians and practices.

The post ApolloMD Data Breach Impacts 626,000 Individuals appeared first on SecurityWeek.

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight.
Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise

Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards

Windows will have runtime safeguards enabled by default, ensuring that only properly signed software runs.

The post Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards appeared first on SecurityWeek.

Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns

Threat actors from Russia, China, North Korea and Iran have been observed launching attacks.

The post Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns appeared first on SecurityWeek.

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point

Nucleus Raises $20 Million for Exposure Management

The company will use the investment to scale operations and deepen intelligence and automation.

The post Nucleus Raises $20 Million for Exposure Management appeared first on SecurityWeek.

Cyber News