Dark Reading

Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted

A new ransomware strain that entered the scene last year has poorly designed code and an odd "Hebrew" identity that might be ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

From Cipher to Fear: The psychology behind modern ransomware extortion

Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today's ransomware groups weaponize stolen data and pressure ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Storing your BitLocker key in the cloud? Microsoft can give it to the FBI - what to do instead

Microsoft says it may give your encryption key to law enforcement upon a valid request. Here's how to protect your privacy.
National Law ReviewOpinion

Why Law Students Should Learn to Code in the Age of AI

For decades, the standard technical requirement for a law student was a mastery of Westlaw and a passing familiarity with ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...
CSO Online

Ransomware gang’s slip-up led to data recovery for 12 US firms

What it discovered were stolen datasets belonging to 12 unnamed and unconnected firms hit in separate INC ransomware attacks.
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...