-
Over 900,000 Chrome users have been compromised by two malicious extensions that secretly exfiltrate ChatGPT and DeepSeek conversations to attacker-controlled servers. Security researchers discovered the extensions impersonating the legitimate AITOPIA …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are exploiting complex routing scenarios and misconfigured email authentication protections to successfully spoof organizational domains, enabling them to deliver phishing emails that appear to originate from within targeted companies. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ESET Research has uncovered a significant surge in CloudEye malware detections, with a 30-fold increase in the second half of 2025. The security firm detected more than 100,000 infection attempts over the six months, signaling a widespread threat affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new community tool is giving Windows 11 users far more control over Microsoft’s growing stack of AI features. An open‑source project called RemoveWindowsAI now lets administrators and power users disable or strip out components such as Copilot, Recal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign has been discovered exploiting Office Assistant, a widely used AI-powered productivity software in China, to distribute a malicious browser plugin that hijacks user traffic and exfiltrates sensitive information. The Red…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in n8n, an open-source automation and workflow platform, that could allow authenticated users to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2025-68668, affects all n8n version…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical path traversal vulnerability has been discovered in AdonisJS’s multipart file handling, potentially allowing remote attackers to write arbitrary files to server locations outside the intended upload directory. The vulnerability, tracke…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cyble Research and Intelligence Labs (CRIL) has identified a sophisticated, multi-stage attack campaign deploying a shared commodity loader across multiple threat actor groups. The operation demonstrates advanced operational security and represents a s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple’s accessibility framework has been found vulnerable to a critical Transparency, Consent, and Control (TCC) bypass that exposes sensitive user data and enables arbitrary AppleScript execution. Researchers have disclosed CVE-2025-43530, a vul…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical supply chain vulnerability has been discovered affecting millions of developers using popular AI-powered IDEs, including Cursor, Windsurf, and Google Antigravity. Security researchers revealed that these coding environments were actively rec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
