Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
Developer Tech

Mozilla shows Claude Code malware risk in clean GitHub repo

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
InfoQ

Azure Functions Ships Serverless Agents Runtime at Build 2026

Azure Functions shipped a serverless agents runtime in public preview at Build 2026. Agents are defined in .agent.md markdown ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
CSO Online

Be on the lookout for Mistic, a new backdoor used by ransomware broker

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.

Edge users beware — this malicious extension can break out of the sandbox and install ransomware

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...