Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

May 29, 2025

Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware families, and a new malware dubbed Numero.
“CyberLock ransomware, developed using PowerShell, primarily focuses on encrypting specific files on the victim’s system,” Cisco Talos researcher Chetan

Source: Read More

Previous ArticleVictoria’s Secret Website Down After Security Incident

Next Article UK Military Unveils £1B ‘Digital Targeting Web’

Highlights

CVE-2025-52478 – n8n Cross-Site Scripting (XSS) Vulnerability

August 19, 2025

CVE ID : CVE-2025-52478

Published : Aug. 19, 2025, 5:15 p.m. | 7 hours, 37 minutes ago

Description : n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identified in n8n, specifically in the Form Trigger node’s HTML form element. An authenticated attacker can inject malicious HTML via an with a srcdoc payload that includes arbitrary JavaScript execution. The attacker can also inject malicious Javascript by using coupled using an onerror event. While using iframe or a combination of video and source tag, this vulnerability allows for Account Takeover (ATO) by exfiltrating n8n-browserId and session cookies from authenticated users who visit a maliciously crafted form. Using these tokens and cookies, an attacker can impersonate the victim and change account details such as email addresses, enabling full control over the account—especially if 2FA is not enabled. Users should upgrade to version >= 1.98.2.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

We studied 100 dev tool landing pages—here’s what really works in 2025

CVE-2025-52574 – SysmonElixir File Reading Arbitrary File Disclosure

Microsoft Edge 135 is here with big new features, and even bigger changes

Track Metrics Effortlessly with Laravel’s Context Increment and Decrement Methods

CVE-2025-52478 – n8n Cross-Site Scripting (XSS) Vulnerability

Amazon Nova Act SDK (preview): Path to production for browser automation agents

ChatGPT will remember everything you tell it now – like a real personal assistant

An Implementation Guide to Build a Modular Conversational AI Agent with Pipecat and HuggingFace

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

Related Posts