Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

The Critical Importance of Security and Power Resilience for Data Centers in the AI Era

AI Era Data Centers: Power & Security Challenges By Chuck Brooks

As AI adoption accelerates across the government, challenges like higher power demand and cyber risks are expected to emerge.

#datacenters #cybersecurity #artificialintelligence

By Chuck Brooks, president of Brooks Consulting International and one of Executive Mosaic’s GovCon Experts

Artificial intelligence, or AI, is not merely a tool in our age of rapid technological advancement; rather, it is the fundamental force behind innovation in all spheres of society. Our world is changing due to AI’s capabilities, which range from real-time decision-making in national security to predictive analytics in healthcare.

The contemporary data center, the digital stronghold that stores, processes and drives the enormous computing demands of AI models, is at the center of this change. However, as AI adoption picks up speed, these vital

The Critical Importance of Security and Power Resilience for Data Centers in the AI Era

infrastructures are confronted with two existential challenges: an unparalleled increase in power usage and a changing environment of increasingly complex security risks. For operational continuity, economic stability and national resilience, addressing both is now essential and no longer discretionary.

Continue reading “The Critical Importance of Security and Power Resilience for Data Centers in the AI Era” | >

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Described as “sophisticated,” the campaign mixes social engineering with advanced evasion techniques to steal sensitive information from compromised systems.

It is unclear how the attack begins, but researchers at Aryaka, a network and security solutions provider, suspect that the malware is distributed via spear-phishing emails.

New BeatBanker Android malware poses as Starlink app to hijack devices

A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store.

The malware combines banking trojan functions with Monero mining, and can steal credentials, as well as tamper with cryptocurrency transactions.

Kaspersky researchers discovered BeatBanker in campaigns targeting users in Brazil. They also found that the most recent version of the malware deploys the commodity Android remote access trojan called BTMOB RAT, instead of the banking module.

New ‘Zombie ZIP’ technique lets malware slip past security tools

A new technique dubbed “Zombie ZIP” helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products.

Trying to extract the files with standard utilities like WinRAR or 7-Zip results in errors or corrupted data. The technique works by manipulating ZIP headers to trick parsing engines into treating compressed data as uncompressed.

Instead of flagging the archive as potentially dangerous, security tools trust the header and scan the file as if it were a copy of the original in a ZIP container.

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts.

The package, named “@openclaw-ai/openclawai,” was uploaded to the registry by a user named “openclaw-ai” on March 3, 2026. It has been downloaded 178 times to date. The library is still available for download as of writing.

JFrog, which discovered the package, said it’s designed to steal system credentials, browser data, crypto wallets, SSH keys, Apple Keychain databases, and iMessage history, as well as install a persistent RAT with remote access capabilities, SOCKS5 proxy, and live browser session cloning.

Microsoft: Hackers abusing AI at every stage of cyberattacks

Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack.

According to a new Microsoft Threat Intelligence report, attackers are using generative AI tools for a wide range of tasks, including reconnaissance, phishing, infrastructure development, malware creation, and post-compromise activity.

In many cases, AI is used to draft phishing emails, translate content, summarize stolen data, debug malware, and assist with scripting or infrastructure configuration.

Microsoft Teams phishing targets employees with A0Backdoor malware

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor.

The attacker relies on social engineering to gain the employee’s trust by first flooding their inbox with spam and then contacting them over Teams, pretending to be the company’s IT staff, offering assistance with the unwanted messages.

To obtain access to the target machine, the threat actor instructs the user to start a Quick Assist remote session, which is used to deploy a malicious toolset that includes digitally signed MSI installers hosted in a personal Microsoft cloud storage account.

/* */