Fake Perplexity Chrome extension spies on your searches | Malware
Type “Perplexity” into the Chrome Web Store and you get a range of browser extensions offering access to the popular AI search service. Until last week, one of them was…
Read moreCritical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands | Cybersecurity
Swati KhandelwalJul 01, 2026AI Coding / Vulnerability Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor’s safety sandbox and run…
Read moreBioShocking: when “gaming” AI agents is no longer a game | Malware
AI-powered browsers and agents promise to take the drudgery out of web tasks. They can summarize pages, pull data from your accounts, and even act as a smart assistant that…
Read moreCitrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service | Cybersecurity
Ravie LakshmananJul 01, 2026Vulnerability / Enterprise Security Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that…
Read moreMicrosoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data | Cybersecurity
New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company…
Read moreWatch out for “high paying, low effort” Amazon job texts | Malware
Remote, flexible, high‑paying work is a tempting prospect, and the holy grail for many people looking for a new role. But it’s not just recruiters who are aware of this,…
Read moreLangflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints | Cybersecurity
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017…
Read moreUpdate time: Apple releases security patches for iOS, MacOS Tahoe, Safari | Malware
Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, MacOS Tahoe, and Safari were issued after testing on…
Read moreWhat the Numbers Say About FIFA 2026 Cyber Risk | Cybersecurity
The Hacker NewsJun 30, 2026Phishing / Impersonation The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had…
Read moreApple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs | Cybersecurity
Ravie LakshmananJun 30, 2026Artificial Intelligence / Vulnerability Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities…
Read more119 Edge extensions promised useful tools, instead downloaded malware | Malware
#Best# PDF Saver jebcdimkcimkafekgbgbhookdajcoeib “Download” Button for YouTube jbmkcmhocoddcokjkahpcchanlmiffhg “Save” Button for Pinterest fhkijdlfjnpimenfpnegkecbbijmoipm …Page Screenshot Clipper maiackahflfnegibhinjhpbgeoldeklb 7TV nmhdjlflloeeahacgomilnhmpfnhlpkn Adblock aooacabidfijofopjaeligonlfobjcjb Adblock dckihkcdmjmlkndgmmgplpcnkmdpangb Adblock (µBlock clone) kmiahfbflcnmlobepelpgkmolhodmiek Adblock For…
Read moreMalicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input | Cybersecurity
Swati KhandelwalJun 29, 2026Browser Security / Web Security Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for….
Read moreThis pay gap is programmed (Lock and Code S07E13) | Malware
This week on the Lock and Code podcast… Pay is personal for plenty of Americans, but a new distribution model that consumes vast quantities of worker data is turning pay…
Read moreWhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private | Cybersecurity
Ravie LakshmananJun 29, 2026Privacy / Social Media WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…
Read more236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers | Cybersecurity
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App. The…
Read moreHijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer | Cybersecurity
Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts….
Read moreUkraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials | Cybersecurity
Ravie LakshmananJun 27, 2026Messaging Security / Cyber Espionage The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated…
Read moreOpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards | Cybersecurity
OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with…
Read moreFBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys | Cybersecurity
Swati KhandelwalJun 26, 2026Secure Messaging / Social Engineering The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now…
Read moreGTA 6 early access is nothing but a scam | Malware
A new wave of scam websites is offering something millions of people want: a way to play Grand Theft Auto VI before it comes out. “Get GTA 6 before everyone…
Read moreNew SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks | Cybersecurity
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts….
Read moreMalware steals Chrome session cookies to take over your accounts | Malware
An email attachment leads to the installation of a malicious Chrome extension. Researchers say it is part of a Windows backdoor delivered via a phishing email. The malware abuses Chrome…
Read moreNew Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries | Cybersecurity
Swati KhandelwalJun 26, 2026Linux / Vulnerability A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is…
Read moreRussia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff | Cybersecurity
Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling…
Read moreFake domain renewal emails trick website owners into paying scammers | Malware
You receive an email warning that your website’s domain name is about to expire. Renew now, it says, or your website and email could stop working. The link opens a…
Read moreBeware of “Parcel Expert” job offers: They’re parcel mule scams | Malware
A parcel mule scam, also called a reshipping scam, is a fake job offer designed to recruit people into handling stolen goods. It usually starts with a fake remote job…
Read moreChrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability | Cybersecurity
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube…
Read moreUpdate Chrome to patch critical browser security flaws | Malware
Google released a security update for Chrome that fixes 18 vulnerabilities, including four rated Critical. There is no indication that any of these newly patched bugs are being actively exploited…
Read moreThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories | Cybersecurity
Ravie LakshmananJun 25, 2026Hacking News / Cybersecurity News It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left…
Read moreElite network says it was hacked after members’ personal data was left exposed | Malware
Some organizations exist to be exclusive. They’re invite-only, and discreet, the kind of place where the membership directory is the product. Dialog, the exclusive network founded by billionaire investor and…
Read more