QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
Infosecurity-magazine.com

VoidLink Linux Malware Was Built Using an AI Agent, Researchers Reveal

VoidLink, the recently discovered Linux malware which targets Linux-based cloud servers, was likely almost entirely generated by AI, researchers have said. First detailed by cybersecurity analysts at ...
Fox News

Browser extension malware infected 8.8M users in DarkSpectre attack

Browser extensions promise convenience. Many offer simple tools like new tab pages, translators or video helpers. Researchers, however, uncovered a long-running malware operation that abused that ...
PC Magazine

From Firefox Malware to Stolen Pornhub Data: This Week's Security News Is Not Sexy

A wave of recent breaches and malware discoveries shows how easily trusted software and private data can be exploited. I've been writing and editing stories for almost two decades that help people use ...
SiliconANGLE

‘PyStoreRAT’ malware uses fake developer tools on GitHub to infect Windows systems

A new report out today from endpoint security firm Morphisec Inc. details a previously undocumented malware family dubbed “PyStoreRAT” that abuses trusted open-source platforms and Windows scripting ...
CSOonline

Polymorphic AI malware exists — but it’s not what you think

We are either at the dawn of AI-driven malware that rewrites itself on the fly, or we are seeing vendors and threat actors exaggerate its capabilities. Recent Google and MIT Sloan reports reignited ...
Android Authority

New Android malware sneak-wipes your bank account: Here's how to avoid getting robbed

Researchers have identified a new banking malware that replaces your actual banking app with a malicious one. It primarily spreads through APKs distributed via unmoderated channels such as messaging ...
Dark Reading

How Malware Authors Are Incorporating LLMs to Evade Detection

Threat actors are testing malware that incorporates large language models (LLMs) to create malware that can evade detection by security tools. In an analysis published earlier this month, Google's ...
Android Authority

New banking malware can stealth-hack your Android phone: Here's how to stay safe (Updated)

A malware, called “Sturnus,” has emerged, and it exploits Android’s accessibility features to spread on your phone even without you noticing. It gains access to your Android after being installed via ...