%term

Attackers are integrating LLMs directly into malware #cybersecurity #ai #malware #infosec #podcast

Nov 18, 2025 By LimaCharlie In LimaCharlie

Threat actors have moved beyond using AI to speed up operations. They're now embedding large language models directly into malware. In this Intel Chat, Matt Bromiley and Chris Luft discuss Google's Threat Intelligence Group findings on malware families like PromptFlux and PromptSteal. These threats query LLMs mid-execution to dynamically alter behavior, obfuscate code, and generate system commands on demand.

View Video

LimaCharlie

Read more about Attackers are integrating LLMs directly into malware #cybersecurity #ai #malware #infosec #podcast

CTI roundup: Whisper Leak, @acitons/artifact, Quantum Route Redirect

Nov 18, 2025 By Tanium In Tanium

Whisper Leak targets remote language models, @acitons/artifact targets GitHub Actions users, and Quantum Route Redirect simplifies phishing.

Read Post

Tanium

Read more about CTI roundup: Whisper Leak, @acitons/artifact, Quantum Route Redirect

Defeating BLOCKADE SPIDER: How CrowdStrike Stops Cross-Domain Attacks

Nov 18, 2025 By Chris Prall In CrowdStrike

Cross-domain attacks exemplify adversaries’ drive for speed and stealth. In these attacks, threat actors navigate multiple domains such as endpoint, cloud, and identity systems to maximize their reach and impact. Their goal is to exploit the weaknesses in organizations’ fast-growing and complex environments.

Read Post

CrowdStrike

Read more about Defeating BLOCKADE SPIDER: How CrowdStrike Stops Cross-Domain Attacks

Endpoint Protection Blindspot: The Rise of Ransomware in the VM Layer

Nov 17, 2025 By Rubrik In Rubrik

Learn about the shift from physical to virtual data centers in the 2000s and the rise of ransomware attacks that take advantage of security blind spots (e.g. lack of endpoint protection) to target hypervisors and breach your data. Learn why you need to shift from prevention only to cyber resilience for stronger defenses against modern adversaries (Scattered Spider, UNC5112, and others). Rubrik can help.

View Video

Rubrik

Read more about Endpoint Protection Blindspot: The Rise of Ransomware in the VM Layer

Intel Chat: LLM in malware, LandFall, Windows kernel zero-day & Ex-L3Harris exec sells secrets [268]

Nov 17, 2025 By LimaCharlie In LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

View Video

LimaCharlie

Read more about Intel Chat: LLM in malware, LandFall, Windows kernel zero-day & Ex-L3Harris exec sells secrets [268]

E-Commerce Security: A Complete Guide to Protecting Your Online Store

Nov 16, 2025 By SecuritySenses In SecuritySenses

When you shop online, you trust the website with your most personal information-your name, address, and credit card details. And if you expect safety as a customer, imagine how much responsibility an online store owner carries. That's why e-commerce security isn't just another technical task-it's the foundation of keeping your customers safe and your business trustworthy.

Read Post

SecuritySenses

Read more about E-Commerce Security: A Complete Guide to Protecting Your Online Store

New Android Malware Platform Targets Bank Accounts

Nov 14, 2025 By KnowBe4 Team In KnowBe4

Researchers at Zimperium are tracking a new malware-as-a-service platform designed to target Android phones with banking Trojans. The platform, dubbed “Fantasy Hub,” allows unskilled threat actors to launch sophisticated malware campaigns that trick victims into granting access to their bank accounts.

Read Post

KnowBe4

Read more about New Android Malware Platform Targets Bank Accounts

CTI roundup: RMM abuse, SesameOp, Google's 2026 Cybersecurity Forecast

Nov 14, 2025 By Tanium In Tanium

Actors exploit RMM tools to target trucking and logistics companies, SesameOp uses the OpenAI Assistants API for C2 communications, and Google warns of rising adversary AI adoption in 2026.

Read Post

Tanium

Read more about CTI roundup: RMM abuse, SesameOp, Google's 2026 Cybersecurity Forecast

Gang Files: Royal Ransomware

Nov 13, 2025 By WatchGuard Technologies In WatchGuard

Adam Winston breaks down how attackers, including the Royal Ransomware Group, are moving below the endpoint to hit hypervisors and core infrastructure. It’s a blind spot too many overlook.

View Video

WatchGuard

Read more about Gang Files: Royal Ransomware

Payroll Pirates: The Widespread Malvertising Network

Nov 12, 2025 By Dean Fenster In Cyberint

Since at least May 2023, a financially motivated cyber-crime network has been operating a phishing campaign primarily abusing Google Ads, and occasionally Microsoft Ads to drive traffic to credential-harvesting websites. This campaign – part of which was named “Payroll Pirates” by SilentPush – has remained active, with periodic updates to tactics and target rotations.

Read Post