browser
-
Russian State-Sponsored Hackers Targeting Global Router Networks
Russian military-linked hackers are actively compromising poorly secured home and small-office routers to hijack internet traffic and conduct espionage on…
Read More » -
Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data
A malicious PyPI package, hermes-px, masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a…
Read More » -
Google’s Bug Bounty Program Hits Record $17 Million in 2025 Payouts
Google announced a record-breaking year for its Vulnerability Reward Program (VRP) in 2025, paying out over $17 million to ethical…
Read More » -
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber operations have evolved from a monolithic structure to a modular, portfolio-style ecosystem. This design ensures resilience, making…
Read More » -
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been…
Read More » -
LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to…
Read More » -
New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover
Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities,…
Read More » -
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have exposed a malicious Google Chrome extension dubbed “ChatGPT Ad Blocker,” which stealthily pilfers private AI dialogues. The…
Read More » -
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are escalating from basic social engineering to comprehensive data theft operations, with the newly identified Venom Stealer malware exemplifying…
Read More » -
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful…
Read More » -
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known…
Read More » -
EvilTokens Launches New Phishing Service Targeting Microsoft Accounts
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather…
Read More » -
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques exploit subtle visual similarities in text to spoof trusted domains, steal credentials, and bypass Unicode handling…
Read More » -
Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, now widely recognized as…
Read More » -
GhostClaw AI Malware Targets macOS Users with Credential-Stealing Payloads
GhostClaw, a multi-stage macOS infostealer, now exploits both GitHub repositories and AI-assisted development workflows to steal credentials and deploy secondary…
Read More »