A malicious extension has been discovered in the Chrome catalog — an add-on that, without the owner’s knowledge, inserts a hidden fee into Solana transactions and diverts it to a wallet controlled by the...
Censys researchers have detailed a new web-attack technique known as EtherHiding, in which attackers conceal malicious code inside smart contracts on the Binance Smart Chain test network and deliver it through counterfeit CAPTCHA pages....
ASUS continues to patch dangerous flaws in its home routers following a wave of attacks targeting the AiCloud service. The company has released a new firmware version addressing nine vulnerabilities, including a critical authentication...
Cato Networks has unveiled a new attack technique, dubbed HashJack, which conceals malicious AI prompts behind the “#” symbol within legitimate URLs — coercing AI-powered browsers into executing them while remaining invisible to traditional...
The CodeRED alert platform operated by OnSolve and maintained by the risk-management firm Crisis24 has fallen victim to a major cyberattack — an incident that disrupted emergency-notification systems relied upon by government agencies and...
Ordinary mergers and acquisitions are unexpectedly becoming a convenient point of entry for extortionists: operators of the Akira ransomware are infiltrating the networks of large companies through vulnerable SonicWall appliances inherited along with the...
The FBI has reported a surge in fraudulent schemes involving the takeover of financial accounts and warned that such attacks may intensify as the holiday shopping season approaches. According to the agency, more than...
Cybercriminals no longer need to coax ChatGPT or Claude Code into assisting with malware development or data-theft scripts. A whole class of specialized language models now exists expressly for offensive operations. One such system...
Malicious activity has once again surged within the npm ecosystem. This time, it is the second wave of the Shai-Hulud attack—an operation that mirrors the logic of the September campaign but unfolds with far...
Amazon has begun revealing details of its internal Autonomous Threat Analysis system, created to accelerate vulnerability detection and the development of defensive measures. Confronted with an ever-growing codebase and increasingly sophisticated attack techniques, the...
Superbox drew consumer attention with promises of access to more than 2,200 television channels and streaming services without a subscription, all for a one-time payment of roughly $400. Yet an examination of the device...
Fake Windows updates have entered a new cycle of ClickFix campaigns, according to researchers at Huntress. Attackers are increasingly replacing bot-check pages with full-screen blue windows that perfectly mimic the Windows update interface. As...
