Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious ...
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

I found the easiest way to send files between my devices, and it's not AirDrop or Quick Share

A simple, cross-platform solution ...

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise ...