Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

AVKiller + HeartCrypt: The Combo That Opens the Door to Ransomware

A tool has appeared on the cybercriminal market that has quickly become a mass-produced weapon for dozens of groups. It’s HeartCrypt, a malware packaging service masquerading as a legitimate application. Sophos researchers have been monitoring its activity and found that attackers are using this mechanism to distribute stealers, RAT Trojans, and even security solution deactivation utilities, all using the same social engineering and code substitution techniques. Experts collected thousands of samples and discovered nearly a thousand command and control servers, over two hundred rogue vendors, and campaigns across multiple continents. Based on the nature of their actions, researchers linked most

China and Artificial Intelligence: A New Era of Human-Machine Integration Begins

In August 2025, China’s State Council released the “Opinions on Deepening the Implementation of the ‘Artificial Intelligence Plus’ Action Plan”, aiming to accelerate the construction of a new intelligent economy and a society based on human-machine collaboration, cross-sector integration, and shared co-creation. The “Artificial Intelligence+” program, promoted nationwide, represents one of the central guidelines of China’s technological development. It is no longer an abstract concept: AI is now integrated into everyday life, transforming key areas such as healthcare, finance, and education, and establishing itself as a truly “intelligent partner” for improving the population’s well-being and

No flesh, no bones, just code! Channel 4’s first AI presenter arrives.

On Monday 20 October, Channel 4 broadcast a full-length documentary hosted by a creative TV presenter powered entirely by artificial intelligence. “I’m not real. For the first time on a British TV show, I’m actually an AI presenter. Some of you may have already guessed,” the presenter reveals at the end of the show. Channel 4’s AI presenter was produced by an AI marketing agency that used cues to create a digital human. The documentary Will AI Take My Job? explored whether artificial intelligence could outperform professionals in fields such as medicine, law, and fashion photography. Artificial intelligence is everywhere, from

DC Comics takes a stand: “No generative AI”

DC Comics has definitively stated its position on generative AI: no machine involvement in the storytelling or illustrations. The announcement was made by company president Jim Lee during a speech at New York Comic Con. He stated that as long as the leadership remains the same, the focus will be solely on human creativity. He emphasized that comic book fans especially appreciate sincerity and intuitively recognize falsity. The company has long required all images to be hand-drawn by artists, but there have been past reports of allegations of generative modeling being used on some alternative covers. These incidents

$792,750 in one day! 56 zerodays detected at Pwn2Own Ireland 2025

On the second day of the Pwn2Own Ireland 2025 competition, participants achieved impressive success, discovering 56 new zero-day vulnerabilities and earning a total of $792,750. This is the second phase of the competition, held in Cork, Ireland, where security specialists compete to identify critical vulnerabilities in popular devices and software. One of the most notable performances was the successful hack of a Samsung Galaxy S25 device, in which a two-person team, Ken Gannon of the Mobile Hacking Lab and Dimitrios Valsamaras of the Summoning Team, exploited a complex combination of five flaws. For this attack, they received a $50,000 prize and

A “hacked” water system: hacktivism becomes digital propaganda

In September, Forescout specialists detected a targeted attack on their honeypot server, which mimicked the control system of a water treatment plant. A new hacktivist group, TwoNet, operating in an environment associated with attacks on industrial infrastructure, claimed responsibility for the attack. The group members accessed the interface, modified settings, deleted data sources, and disabled some processes without attempting to gain control of the host. Their goal was to demonstrate their ability to interfere and then spread the accusation of “hijacking a real system” on a Telegram channel. The attack began in the morning from an IP address registered with the

Russia and Cybercrime: A Balance Between Selective Repression and State Interest

The Russian cybercrime ecosystem has entered a phase of profound transformation, triggered by a combination of factors: unprecedented international pressure from law enforcement agencies, a shift in domestic priorities, and the persistent, yet evolving, links between organized crime and the Russian state. A key event was Operation Endgame, launched in May 2024, a multinational initiative aimed at targeting ransomware groups, money laundering services, and related infrastructure, including within Russian jurisdictions. In response, Russian authorities conducted a series of high-profile arrests and seizures. These actions mark a departure from Russia’s historical stance of near-total non-interference with domestic cybercriminals. The traditional concept of

Hackers can access Microsoft Teams chats and emails using access tokens

A recent discovery has revealed that hackers can exploit a flaw in Microsoft Teams on Windows to obtain encrypted authentication tokens, which grant unauthorized access to chats, emails, and files stored on SharePoint. Brahim El Fikhi detailed this vulnerability in a blog post published on October 23, 2025, highlighting how the tokens, stored within a Chromium-inspired cookie database, are vulnerable to decryption using the Data Protection API (DPAPI) provided by Windows. Access tokens give attackers the ability to impersonate users, such as sending Teams messages or emails in the victims’ names, to perform social engineering attacks or maintain persistence.

FIA website hacked: personal data of Max Verstappen and over 7,000 drivers exposed

Security researchers have discovered vulnerabilities in an FIA website that contained sensitive personal information and documents relating to drivers, including world champion Max Verstappen. Ian Carroll, one of three researchers who examined the site, revealed the breach in a blog post on Wednesday. He said the FIA addressed the vulnerabilities in its systems immediately after being contacted last June. The FIA confirmed the breach and stated that it has taken measures to protect driver data. It has contacted the drivers involved and the relevant data protection authorities. The researchers stated that they did not access or retain sensitive information relating to any

Microsoft Edge protects Internet Explorer mode from attacks

The Microsoft Edge security team made significant changes to Internet Explorer mode after receiving confirmation of targeted attacks using it. Experts discovered that attackers exploited vulnerabilities in the outdated Chakra JavaScript engine, integrated into Internet Explorer, to gain remote access to users’ devices. The attacks demonstrated that even in modern browsers, legacy features can become a dangerous conduit for system compromise. Internet Explorer mode in Edge was created as a temporary solution to support legacy websites and corporate portals that relied on technologies like ActiveX and Flash. While much of the web has migrated to modern standards, many organizations still use