TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

Users probe backup failures find Claude-assisted commits. Veteran engineer retorts: 'I did not just vibe-code 'convert test ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

As the popularity of the CapCut video editing tool continues to soar, with features such as background removal with over 200 million monthly active users in the US alone, threat actors (TAs) have ...

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, in another example of the dangers posed by the AI supply chain. AI ...

A threat actor has launched a campaign to clean up environments infected by the infamous TeamPCP hacking group and deploy its own malicious tools, SentinelOne reports. Active since late April, the ...

Security researchers at Malwarebytes have found a fake Windows 11 24H2 update campaign that steals sensitive data from Windows PC users. The attackers host a very convincing Microsoft‑style support ...

If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...

Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files. A new infostealer named ‘Arkanix Stealer’ operated as a malware-as-a-service (MaaS) enterprise in ...

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence. A newly uncovered ...