Over 400 Arch Linux packages compromised to push rootkit, infostealer

More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens.

A report from the open-source intelligence community Independent Federated Intelligence Network (IFIN) notes that a new maintainer is spoofing a trusted publisher on the AUR platform to push infected packages.

The Arch Linux distribution is popular among power users and developers, who use the AUR catalog to obtain the latest versions of installed software, drivers, and the kernel.

AI Cyber Threats Drive Zero Trust Security Shift

By Chuck Brooks, president of Brooks Consulting International and one of Executive Mosaic’s GovCon Experts

We have now transitioned from the age of digital dangers to an era of complete systemic vulnerability. The data clearly demonstrates that cyber threats are no longer sporadic; they represent a persistent, sophisticated phenomenon. Hackers are now utilizing autonomous adversaries rather than merely sophisticated tools.

Recent industry data obtained in early 2026 indicates a vertical trajectory, revealing that global AI-driven cyber incidents have surged by an astonishing 72 percent year-over-year. A 72 percent surge is not just growth; it’s systemic acceleration.

The Quantum Frontier: How Quantum Computing Is Reshaping Our Future

Quantum computing was once considered a distant scientific project that could revolutionize computing. That discussion has shifted drastically today. Quantum technologies have progressed beyond lab trials and theory. Emerging quantum capabilities include commercial quantum platforms, quantum networking projects, quantum sensor advancements, and powerful quantum processors.

Advances in recent years suggest we are entering the Quantum Frontier Era. National security, science, economic competitiveness, and cybersecurity will all feel the impact. The quantum age has begun. It’s started.

AI Misbehavior Is No Longer Confined to the Lab

Further Reading.
Thumbnail original image credit: Adobe Stock Image.
Graph from: Scheming in the wild: detecting real-world AI scheming incidents with open-source intelligence.

Shutdown resistance in reasoning models.
https://palisaderesearch.org/blog/shu

Natural emergent misalignment from reward hacking in production RL
https://arxiv.org/html/2511.18397v1
Scheming in the wild: detecting real-world AI scheming incidents with open-source intelligence.
https://arxiv.org/abs/2604.

[CRITICAL Security Issue/Bug] Plan mode restrictions bypassed when spawning sub-agents #6527
https://github.com/anomalyco/opencode

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

“The group actively tracks and evaluates modern vulnerabilities, including CVE-2024-55591, CVE-2025-32433, and CVE-2025-33073, and combines them with technique-driven paths like backup and management-controller abuse and NTLM relay workflows, giving them a flexible exploitation pipeline,” Check Point said.

That’s not all. In March 2026, Hunt.io said it discovered an open directory hosted at “176.120.22[.]127:80” on the Russian bulletproof hosting provider Proton66 that exposed 126 files containing a complete ransomware operator toolkit attributed to a The Gentlemen RaaS affiliate.

This included tools for reconnaissance, privilege escalation, defense evasion, credential theft, lateral movement, persistence, and pre-encryption preparation, essentially spanning all phases of the intrusion lifecycle.

Maine breach portal abused to publish fake data breach disclosures

In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine’s official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims.

A notice allegedly filed by multiplayer social virtual reality platform VRChat is the most recent entry in the state Attorney General’s breach disclosure database.

However, a company representative told BleepingComputer that the breach notification is fake and has been filed using the name of a fictitious employee.

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.

PeopleSoft is an enterprise business software suite used by large organizations to manage business operations such as human resources, payroll, finance, supply chain management, procurement, and student administration.

Yesterday, BleepingComputer learned of widespread data theft attacks targeting both cloud and on-premises Oracle PeopleSoft customer instances. These customers were receiving extortion demands that were signed by the ShinyHunters extortion gang.
