Opinion
Security BoulevardOpinion

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.
PCMag Australia

$20K in Stolen Games, a $5M Crypto Blunder, and a Very Bad Week for Internet Security

This week in cybersecurity: stolen PlayStation accounts, AI chat transcripts sold by data brokers, tax-season scams, deepfake ...
Cybernews

AI agents are too easy to fool, with websites now littered with hidden “system override” commands

Don’t act surprised when your AI agent starts printing millions of pages of cabbages, deletes an entire system partition, or sends your life savings to fraudsters – they’re just being helpful.
Inc

Hackers Are Hammering Google’s Gemini With Prompts to Steal the LLM. Every AI Company Should Be Worried

Google called the attacks “model extraction,” a process Medium defines as: “an attacker distills the knowledge from your expensive model into a new, cheaper one they control.” It’s becoming an ...
TechCrunch

Hackers publish personal information stolen during Harvard, UPenn data breaches

A notorious hacking group has claimed responsibility for last year’s data breaches at Harvard University and the University of Pennsylvania (UPenn) and published the data that they claim to have ...
Reuters

Chinese-linked hackers target US entities with Venezuelan-themed malware

Mustang Panda uses Venezuela-themed phishing emails for cyberespionage Acronis uncovers malware linked to Mustang Panda operations Malware targets US government, policy-related entities, researchers ...
GitHub

Jellyfin Plugin - JavaScript Injector

Multiple Scripts: Add as many custom JavaScript snippets as you want. Organized UI: Each script is managed in its own collapsible section, keeping your configuration clean and easy to navigate. Enable ...
Forbes

Hackers Unredact Epstein Files — What You Need To Know

The Epstein files have been hacked. Updated December 26 with previous examples of PDF document redaction failures, as well as warnings about malware associated with some Epstein Files distributions ...
financefeeds

Hacker nutzen JavaScript-Bibliothek aus, um Krypto-Wallet-Drainer einzusetzen

Hacker haben Exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on kryptowährung platforms. The React team released a patch on December ...
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
Bleeping Computer

Hackers are exploiting ArrayOS AG VPN flaw to plant webshells

Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. Array Networks fixed the vulnerability in a May security ...
GCN

Eurofiber confirms hackers stole data from its French subsidiary following cyberattack

Eurofiber, the digital infrastructure service provider from Europe, experienced the first of its kind recording of a data breach in its French subsidiary when the company was attacked in a cyber ...