Fake Perplexity Chrome extension spies on your searches | Malware

Type “Perplexity” into the Chrome Web Store and you get a range of browser extensions offering access to the popular AI search service. Until last week, one of them was…

Read more

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands | Cybersecurity

Swati KhandelwalJul 01, 2026AI Coding / Vulnerability Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor’s safety sandbox and run…

Read more

BioShocking: when “gaming” AI agents is no longer a game | Malware

AI-powered browsers and agents promise to take the drudgery out of web tasks. They can summarize pages, pull data from your accounts, and even act as a smart assistant that…

Read more

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service | Cybersecurity

Ravie LakshmananJul 01, 2026Vulnerability / Enterprise Security Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that…

Read more

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data | Cybersecurity

New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company…

Read more

Watch out for “high paying, low effort” Amazon job texts | Malware

Remote, flexible, high‑paying work is a tempting prospect, and the holy grail for many people looking for a new role. But it’s not just recruiters who are aware of this,…

Read more

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints | Cybersecurity

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017…

Read more

Update time: Apple releases security patches for iOS, MacOS Tahoe, Safari | Malware

Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, MacOS Tahoe, and Safari were issued after testing on…

Read more

What the Numbers Say About FIFA 2026 Cyber Risk | Cybersecurity

The Hacker NewsJun 30, 2026Phishing / Impersonation The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had…

Read more

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs | Cybersecurity

Ravie LakshmananJun 30, 2026Artificial Intelligence / Vulnerability Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities…

Read more

119 Edge extensions promised useful tools, instead downloaded malware | Malware

#Best# PDF Saver jebcdimkcimkafekgbgbhookdajcoeib “Download” Button for YouTube jbmkcmhocoddcokjkahpcchanlmiffhg “Save” Button for Pinterest fhkijdlfjnpimenfpnegkecbbijmoipm …Page Screenshot Clipper maiackahflfnegibhinjhpbgeoldeklb 7TV nmhdjlflloeeahacgomilnhmpfnhlpkn Adblock aooacabidfijofopjaeligonlfobjcjb Adblock dckihkcdmjmlkndgmmgplpcnkmdpangb Adblock (µBlock clone) kmiahfbflcnmlobepelpgkmolhodmiek Adblock For…

Read more

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input | Cybersecurity

Swati KhandelwalJun 29, 2026Browser Security / Web Security Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for….

Read more

This pay gap is programmed (Lock and Code S07E13) | Malware

This week on the Lock and Code podcast… Pay is personal for plenty of Americans, but a new distribution model that consumes vast quantities of worker data is turning pay…

Read more

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private | Cybersecurity

Ravie LakshmananJun 29, 2026Privacy / Social Media WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…

Read more

236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers | Cybersecurity

New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App. The…

Read more

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer | Cybersecurity

Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts….

Read more

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials | Cybersecurity

Ravie LakshmananJun 27, 2026Messaging Security / Cyber Espionage The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated…

Read more

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards | Cybersecurity

OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with…

Read more

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys | Cybersecurity

Swati KhandelwalJun 26, 2026Secure Messaging / Social Engineering The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now…

Read more

GTA 6 early access is nothing but a scam | Malware

A new wave of scam websites is offering something millions of people want: a way to play Grand Theft Auto VI before it comes out. “Get GTA 6 before everyone…

Read more

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks | Cybersecurity

A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts….

Read more

Malware steals Chrome session cookies to take over your accounts | Malware

An email attachment leads to the installation of a malicious Chrome extension. Researchers say it is part of a Windows backdoor delivered via a phishing email. The malware abuses Chrome…

Read more

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries | Cybersecurity

Swati KhandelwalJun 26, 2026Linux / Vulnerability A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is…

Read more

Russia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff | Cybersecurity

Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling…

Read more

Fake domain renewal emails trick website owners into paying scammers | Malware

You receive an email warning that your website’s domain name is about to expire. Renew now, it says, or your website and email could stop working. The link opens a…

Read more

Beware of “Parcel Expert” job offers: They’re parcel mule scams | Malware

A parcel mule scam, also called a reshipping scam, is a fake job offer designed to recruit people into handling stolen goods. It usually starts with a fake remote job…

Read more

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability | Cybersecurity

An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube…

Read more

Update Chrome to patch critical browser security flaws | Malware

Google released a security update for Chrome that fixes 18 vulnerabilities, including four rated Critical. There is no indication that any of these newly patched bugs are being actively exploited…

Read more

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories | Cybersecurity

Ravie LakshmananJun 25, 2026Hacking News / Cybersecurity News It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left…

Read more

Elite network says it was hacked after members’ personal data was left exposed | Malware

Some organizations exist to be exclusive. They’re invite-only, and discreet, the kind of place where the membership directory is the product. Dialog, the exclusive network founded by billionaire investor and…

Read more
Update cookies preferences