Speakeasies to Shadow AI: Banning AI Browsers Will Fail

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country’s Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the cluster under the name Dust Specter. The attacks, which manifest in the…

A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a “full spectrum” of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency

The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought — especially when the Dark Web stands ready to capitalize on every vulnerability.

The first known malicious MCP server is an AI integration tool that automatically sends email such as those related to password resets, account confirmations, security alerts, invoices, and receipts to threat actors.

Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft. The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious…

Email-based attacks aren’t relics of the past. They’re active, sophisticated, and increasingly lucrative for attackers.