Fake AI Chrome extensions with 300K users steal credentials, emails
A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email…
Latest Cybersecurity News — Page 380
View all →
Chrome Security Update – Patch for Vulnerabilities that Enables Code Execution Attacks
Chrome Security Update Patch Vulnerabilities Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux, addressing 11 security vulnerabilities that could…
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised…
Power supply issues flagged as major growth inhibitor of European datacentre market
Power availability is the European datacentre market’s “single most important” growth inhibitor, forcing operators to look further afield for sites with abundant renewable energy to…
Sophisticated ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A dangerous malware campaign has emerged on the NPM package registry, putting thousands of developers and Windows users at risk. The malicious package, known as…
Crypto-Funded Human Trafficking Is Exploding
Cryptocurrency’s frictionless, transnational, low-regulation transactions have long promised the ability to pay anyone in the world for anything. More than ever before, that anything includes…
SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware
A DShield honeypot sensor recently recorded a complete compromise sequence involving a self-replicating SSH worm that exploits weak passwords to spread across Linux systems. The…
Child exploitation, grooming, and social media addiction claims put Meta on trial
Meta is facing two trials over child safety allegations in California and New Mexico. The lawsuits are landmark cases, marking the first time that any…
European Commission: TikTok’s addictive design breaches EU law
The European Commission (EC) has preliminarily found that TikTok’s addictive design features violate the bloc’s Digital Services Act (DSA). The preliminary decision outlines how addictive…
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Exploits GitHub, npm, and PyPI to Distribute Malware
The North Korean state-sponsored hacking team, Lazarus Group, has launched a sophisticated fake recruiter campaign targeting cryptocurrency developers through a malicious operation called “graphalgo.” Active…
Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities
Feiniu fnOS network-attached storage (NAS) devices have been pulled into a large Netdragon botnet after attackers exploited still-unpatched vulnerabilities, turning home and small‑business storage into…
Apple patches zero-day flaw that could let attackers take control of devices
Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, and Safari, fixing, in particular, a zero-day flaw that is actively exploited…