A new malware campaign dissected by the Securonix  Threat Research team underscores an uncomfortable truth for defenders: some of the most effective modern intrusions still rely on decades-old Windows scripting, dressed up with just enough obfuscation and in-memory trickery to stay ahead of automated detection. Tracked as SHADOW#REACTOR , the operation delivers a familiar end goal—a fully functional Remcos remote access trojan—but the path it takes to get there is anything but simple. Instead...

For a brief moment last week, the internet appeared to relive a familiar panic: headlines warning that cybercriminals had walked away with data from millions of Instagram users. Security vendor Malwarebytes  said attackers had stolen sensitive information tied to roughly 17.5 million accounts. Instagram pushed back just as forcefully, insisting there was no breach of its systems at all. Both claims can technically coexist — and that uneasy overlap says more about the modern data exposure...

For years, defenders have warned that artificial intelligence would expand the attack surface. What they lacked was proof that adversaries were already doing the math. That proof is now emerging from telemetry captured deep inside live AI infrastructure. Between October 2025 and January 2026, researchers operating an Ollama-based honeypot observed more than 91,000 attack sessions , revealing two distinct campaigns that illuminate how threat actors are methodically charting the rapidly growing...