ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Abstract: As anti-detection techniques like code obfuscation and polymorphism continue to evolve, the number of malicious variants has grown significantly. This increases the complexity and difficulty ...

You should treat any unexpected package with caution, even if it looks innocent. Dangerous substances and malicious content increasingly come disguised in candy bags, toy boxes, souvenir items, and ...

Your trusted extension/add-on with over 100k review might be spying on you.

Abstract: Static webshell detection is increasingly challenged by sophisticated code obfuscation techniques that degrade the performance of existing models. To address this, we propose Cortex, a novel ...

This piece could serve as a sequel to the column piece “When gods err” (8/8/25) that I wrote last year. I started off then by saying that the moniker “the gods of Padre Faura” refers to the Supreme ...

Jscrambler, the pioneering platform for client-side protection and compliance, today announced its inclusion in the Forrester report, "The Rise of Web Application Protection Platforms." Jscrambler is ...

ChatGPT may be the best-known artificial intelligence chatbot on the market, but the latest iteration of AI startup Anthropic’s coding bot, Claude Code, is newly entering the spotlight. By simplifying ...

Claude Code generates computer code when people type prompts, so those with no coding experience can create their own programs and apps. By Natallie Rocha Reporting from San Francisco Claude Code, an ...