Cybersecurity

A critical flaw in the Anthropic Claude Chrome extension allowed websites to silently inject malicious prompts, compromising user security.The vulnerability combined an overly permissive...

The recently uncovered iOS exploit kit Coruna uses an updated version of the kernel exploit framework from the 2023 Operation Triangulation espionage campaign.The framework...

GlassWorm attackers now use a multi-stage framework that steals data and delivers a remote access trojan via a malicious Chrome extension.The malware employs the...

A phishing campaign uses fake, obfuscated French-language resumes to deliver malware that mines cryptocurrency and steals data.The attack chain completes in just 25 seconds...

Credential-stealing malware known as "TeamPCP Cloud stealer" has compromised GitHub Actions workflows from Checkmarx, following a similar attack on Aqua Security's Trivy scanner.The stealer...

Russian access broker Aleksei Volkov was sentenced to 6.75 years in U.S. prison for enabling ransomware attacks causing over $9 million in losses.U.S. prosecutors...

Threat actor TeamPCP has distributed malicious versions of the Trivy vulnerability scanner on Docker Hub, with versions 0.69.4, 0.69.5, and 0.69.6 containing an infostealer.The...

Hackers linked to the TeamPCP operation have unleashed a self-propagating malware worm called CanisterWorm across numerous npm packages.The worm uses an ICP canister on...