Emerging malicious LLMs such as WormGPT 4 and KawaiiGPT are being sold and distributed through underground platforms like Telegram and Darknet forums. These AI-based tools are capable of generating highly functional malware scripts.

The OWASP Top 10 for 2025 introduces core changes emphasizing systemic risks in modern application ecosystems. Key additions include “Supply Chain Failures” at rank #3 and “Mishandling of Exceptional Conditions” at rank #10.

An ATM fraud operation led by the threat group UNC2891 involved ATM malware, money mule recruitment, rootkit-based PIN bypass, and coordinated cash withdrawal efforts targeting two major Indonesian banks between 2022 and 2024.

Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits several vulnerabilities.

The vulnerability, tracked as CVE-2025-9501, in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.

The Sneaky2FA phishing-as-a-service (PhaaS) kit has added browser-in-the-browser (BitB) capabilities that are used in attacks to steal Microsoft credentials and active sessions.

British lawmakers have been warned of a growing espionage campaign spearheaded by China’s Ministry of State Security (MSS), which leverages LinkedIn as a vector to target members of Parliament and policy influencers.

The EchoGram attack exploits LLM guardrails designed to detect and block malicious prompts. By leveraging carefully selected “flip tokens,” it can silently override guardrail verdicts, enabling prompt injections and false positives.

Akira ransomware has generated over $244 million in illicit proceeds since late September 2025, showcasing a significant evolution in its tactics and capabilities. The group has expanded its targeting scope to include Nutanix AHV environments.

As of November 2025, Akira ransomware actors have expanded their operations, deploying a new variant—Akira_v2—that features faster encryption speeds and improved mechanisms to inhibit system recovery.