The Cyber Trove

The Cyber Trove https://validator.w3.org/feed/docs/rss2.html GlassWorm’s Stealth Move: 73 New Open VSX Sleeper Extensions Revealed Scallop Protocol Breached: 150,000 SUI Drained in Reward Pool Exploit Power to the People: Sam Altman Outlines 5 Pillars for ‘Universal AI Benefit’ Litecoin Zero-Day Exploit: How a Malformed MWEB Transaction Triggered a 13-Block Reorg Stealthware Uncovered: Linux ELF Malware Outsmarts AI Defenses Urgent: Critical Notepad++ Flaw Exposes Private Memory EU Pushes Google to Share Search Data With Rivals The GlassWorm Evolution: How 73 Open VSX Sleeper Extensions Target Developers Design as a Weapon: macOS ‘textutil’ and KeePassXC Exposed as Automation Attack Primitives New Malware Uses Obfuscation to Evade Detection Vidar 2.0 Malware: Fake YouTube Downloads Target Corporate The Secret in the Script: ClickUp’s Hardcoded API Key Leaks 959 Fortune 500 Emails Google’s $40B Anthropic Bet: The Battle for AI Silicon Gemini CLI Vulnerability Enables CI/CD Code Execution The Shai-Hulud Worm: Bitwarden CLI Compromise Exposes Cloud Secrets The Commercial Spyware Explosion: 100 Governments Now Possess Elite Hacking Tools The Ultimate Betrayal: Ransomware Negotiator Angelo Martino Pleaded Guilty to Aiding ALPHV/BlackCat Pharma Under Fire: Kimsuky’s Weaponized “ERP” Malware Targets Drug Researchers AI-Powered Harassment: Kyiv Police Dismantle Crypto Extortion Ring ClickFix Attack Uses Cmdkey and Regsvr32 Payload Shadow AI: Microsoft Store App ‘Vibing.exe’ Exposed for Covert Data Harvesting AI Unbundling: New Group Policy Allows IT Admins to Remove Windows 11 Copilot AI-Powered Heists: How North Korea’s “HexagonalRodent” Stole $12M in Crypto The Mythos Paradox: Australia Partners with Anthropic Amid “Double-Edged” AI Alarms Outlook.com Outage Blocks Email Access for Users SYSTEM Breach: Critical Nessus Agent Flaw Enables Full Windows Takeover Pentest AI Agents: 28 Claude Code Subagents for Pentesting Silicon Sovereignty: DeepSeek V4 Ditches Nvidia for Huawei Infrastructure The “AI Psychosis” Study: Grok Labeled “Highest Risk” for Validating Delusions The NEC-Anthropic Alliance: Building Japan’s AI-Native Security Powerhouse Software Supply Chain Crisis: Checkmarx and Bitwarden Hijacked by TeamPCP The Rise of Agentic Commerce: From Craigslist to Claude The “Pay or Leak” Ultimatum: ADT Faces New Extortion Threat The Identity Overreach: When New Roles Break Old Boundaries Precision Sabotage: The ‘fast16’ Malware Targeting Ultra-High-Value Assets CODESYS Vulnerabilities Enable PLC Backdoors: ICS Security Guide Vidar Malware Evolution: Hiding Payloads in JPEGs to Bypass Modern Defenses The AI Privacy Alarm: Claude Desktop’s Silent Manifest Deployment GPT-5.5 Bio Bug Bounty Targets AI Safety Risks The Identity Gap: When AI Management Meets Tenant Security React2Shell Exploits Tracked via Telegram Bots (CVE-2025-55182) The Rise of the “Covert Network”: Hiding in Plain Sight Ollama Model Upload Vulnerability (CVE-2026-5757) The “Pay or Leak” Ultimatum: Udemy in the Crosshairs Python Asyncio Vulnerability (CVE-2026-3298) Explained The IoT Security Crisis: When the Watchman Is the Weak Link Fake Job Interview Malware: Void Dokkaebi Attack Explained The Pastebin Pivot: How a Simple PowerShell Script Hijacks Telegram Sessions Claude Desktop’s Silent Browser Bridge: A Security and Privacy Deep Dive Fake CAPTCHA SMS Fraud: How Hackers Exploit Users