browser
-
Microsoft Blocks External Scripts in Entra ID Logins to Boost Security
Microsoft has announced a significant security change to the Microsoft Entra ID sign-in experience that will block external scripts from…
Read More » -
Advanced Features Bypass AI Detection and Steal Password Manager Data
The Python-based information-stealing tool Xillen Stealer has reached versions 4 and 5, significantly expanding its targeting capabilities and functionality across…
Read More » -
How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to…
Read More » -
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while…
Read More » -
AI Browsers That Beat Paywalls by Imitating Humans
The emergence of AI-powered browsers represents a significant shift in how artificial intelligence interacts with web content. However, it has…
Read More » -
Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform,…
Read More » -
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness…
Read More » -
New Email Security Technique Prevents Phishing Attacks Behind NPM Breach
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical…
Read More » -
Lampion Stealer Resurfaces with ClickFix Attack to Steal User Credentials Stealthily
A Brazilian cybercriminal group has refined its long-running malware distribution campaign by incorporating innovative social engineering techniques and multi-stage infection…
Read More » -
Vulnerability in Perplexity’s Comet Browser Screenshot Feature Allows Malicious Prompt Injection
Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through…
Read More » -
Direct Memory Attacks Used to Capture Browser Credentials
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums,…
Read More » -
ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware
A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy—a Node.js–based RAT and information stealer—through the…
Read More » -
TikTok Videos Weaponized to Deliver Self-Compiling PowerShell Malware
Attackers are exploiting TikTok’s massive reach to trick users into executing malware through seemingly innocuous videos. In one popular TikTok…
Read More » -
Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity
Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security…
Read More »