-
A new vulnerability in Perplexity’s Comet AI browser allows attackers to inject malicious prompts through seemingly innocuous screenshots. Disclosed on October 21, 2025, this flaw builds on earlier concerns about prompt injection in agentic browsers, AI-powered tools that act on users’ behalf. The discovery highlights ongoing risks in these emerging technologies, where hidden instructions can […] The post Perplexity’s Comet Browser Screenshot Feature Vulnerability Let Attackers Inject Malicious Prompts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning everyday images into Trojan horses for malware. Active since March 2025 and evolved rapidly by…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through hidden text in screenshots. The vulnerability, disclosed on October 21, 2025, demonstrates h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated and widespread smishing campaign originating from China has emerged as a significant threat to users worldwide. Researchers have attributed the ongoing attack to a group known as the Smishing Triad, which has demonstrated unprecedented …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have begun actively targeting a critical remote code execution flaw in Adobe’s Magento e-commerce platform, putting thousands of online stores at immediate risk just six weeks after Adobe issued an emergency patch. Known as SessionReaper and tracked as CVE-2025-54236, the vulnerability allows unauthenticated attackers to hijack customer sessions and potentially execute arbitrary code, leading […] The post Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild – 3 in 5 Stores Vulnerable appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Scammers have intensified their efforts to defraud vulnerable populations through sophisticated impersonation schemes and fraudulent financial aid offers, according to recent intelligence monitoring and law enforcement findings. The threat landscape re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Wordfence Threat Intelligence and their Care and Response teams have observed a persistent trend in new malware that leverages heavy obfuscation techniques to evade detection. While some malware attempts to blend in as legi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Unauthenticated attackers are actively exploiting a critical vulnerability affecting Adobe Commerce and Magento platforms worldwide. The flaw, tracked as CVE-2025-54236 and dubbed SessionReaper, enables remote code execution and customer account t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Atlassian has disclosed a critical path traversal vulnerability affecting Jira Software Data Center and Server that could allow authenticated attackers to modify files accessible to the Jira Java Virtual Machine (JVM) process. The vulnerability, tracke…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In July 2025, cybersecurity firm CYFIRMA uncovered an active phishing campaign targeting Linux-based operating systems used by Indian government and military organisations. This operation, attributed to TransparentTribe (also known as APT36 or Operatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
