Lockheed Martin is partnering with Google Public Sector to integrate Google’s generative AI technologies, including the Gemini models, into its AI Factory.
Google’s AI tools will be introduced within Lockheed Martin’s secure, on-premises, air-gapped environments, making them accessible to personnel throughout the company.
Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named Eternidade Stealer as part of attacks targeting users in Brazil.
“It uses Internet Message Access Protocol (IMAP) to dynamically retrieve command-and-control (C2) addresses, allowing the threat actor to update its C2 server,” Trustwave SpiderLabs researchers Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi said in a technical breakdown of the campaign shared with The Hacker News.
It is distributed through a WhatsApp worm campaign, with the actor now deploying a Python script, a shift from previous PowerShell-based scripts to hijack WhatsApp and spread malicious attachments.
In a move that could redefine the web, Google is testing AI-powered, UI-based answers for its AI mode.
Up until now, Google AI mode, which is an optional feature, has allowed you to interact with a large language model using text or images.
When you use Google AI mode, Google responds with AI-generated content that it scrapes from websites without their permission and includes a couple of links.
A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
The vulnerability, tracked as CVE-2025–9501, affects all versions of the W3TC plugin prior to 2.8.13 and is described as an unauthenticated command injection.
W3TC is installed on more than one million websites to increase performance and reduce load times.
Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits six vulnerabilities.
Over the past six months, scanners looking for ASUS devices compromised in Operation WrtHug identified “roughly 50,000 unique IPs” around the globe.
Most of the compromised devices have IP addresses located in Taiwan, while others are distributed across Southeast Asia, Russia, Central Europe, and the United States.