A trusted Chrome extension was hijacked to strip browser protections, deploy ClickFix malware, and steal cryptocurrency and user data. The post Chrome Extension Hijacked to Push ClickFix Malware appeared first on eSecurity Planet. This article has been indexed from eSecurity…
South Korean Tax Agency Leak Leads to $4.8M Crypto Theft
A South Korean tax agency press release exposed a seized wallet’s seed phrase, enabling a $4.8 million cryptocurrency theft. The post South Korean Tax Agency Leak Leads to $4.8M Crypto Theft appeared first on eSecurity Planet. This article has been…
Europol Operation Targets Online Network Exploiting Minors
A Europol-led operation across 28 countries led to 30 arrests targeting “The Com,” a decentralized network accused of exploiting minors online. The post Europol Operation Targets Online Network Exploiting Minors appeared first on eSecurity Planet. This article has been indexed…
Operator of AI Fake ID Platform Pleads Guilty
The operator of an AI-powered fake ID platform that helped bypass KYC checks has pleaded guilty and faces up to 15 years in prison. The post Operator of AI Fake ID Platform Pleads Guilty appeared first on eSecurity Planet. This…
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.8), a high-severity MSHTML vulnerability (CVSS 8.8), before Microsoft patched it in February…
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here’s how the rest of us can limit the data we’re sharing. This article has been indexed from Malwarebytes Read the original article:…
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge
AI demand drives DDR5 RAM shortages, attracting scalping bots that hit product pages 6x more than real users. DataDome blocked 10M+ scraping requests. The post Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge appeared first on…
Anthropic’s Claude hit by widespread service outage (updated)
Anthropic suffered widespread service disruptions Monday morning, leaving thousands of users unable to access its Claude AI platform. Most users reporting problems said they encountered errors when attempting to log in. The first notice was posted at 11:49 UTC. In…
Cyber Briefing: 2026.03.02
Malicious Chrome extension update steals crypto, RAT spreads via fake gaming tools, major breaches exposed, Europol arrests suspects, fake ID creator pleads guilty. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.03.02
Influencers Alarmed as New AI Rules Enforce Three-Hour Takedowns
India’s new three-hour takedown rule for online content has triggered unease among influencers, agencies, and brands, who fear it could disrupt campaigns and shrink creative freedom. The rule, introduced through amendments to the IT Intermediary Rules on February 11,…
Infostealer Malware Targets OpenClaw AI Agent Files to Steal API Keys and Authentication Tokens
Now appearing in threat reports, OpenClaw — a local AI assistant that runs directly on personal devices — has rapidly gained popularity. Because it operates on users’ machines, attackers are shifting focus to its configuration files. Recent malware infections…
Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity
Military strikes in the Middle East escalate cyber ops, raising spillover risks globally for firms This article has been indexed from www.infosecurity-magazine.com Read the original article: Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity
Phishing Pages for Zoom and Google Meet Install Teramind Monitoring Tool
Fake Zoom and Google Meet pages trick users into installing Teramind monitoring software on Windows systems through phishing links and fake updates. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original…
Hackers and internet outages hit Iran amid U.S. air strikes
Users of a popular Iranian prayer app were flooded with phone notifications as U.S. air strikes hit Iran’s biggest cities, killing the country’s leader. This article has been indexed from Security News | TechCrunch Read the original article: Hackers and…
A fake FileZilla site hosts a malicious download
A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring. This article has been indexed from Malwarebytes Read the original article: A fake FileZilla site hosts a malicious download
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek. This article has…
Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API…
Feb Recap: New AWS Privileged Permissions and Services
As February 2026 comes to a close, the focus of AWS permission expansion has moved from core infrastructure to the Generative AI supply chain. This month’s review of newly released permissions highlights a strategic pivot toward model customization and deep-tier…
Anthropic’s Claude hit by widespread service outage
Anthropic suffered widespread service disruptions Monday morning, leaving thousands of users unable to access its Claude AI platform. Most users reporting problems said they encountered errors when attempting to log in. The first notice was posted at 11:49 UTC. In…
QuickLens Chrome Extension Steals Crypto
The QuickLens Chrome extension was recently pulled from the Web Store after a malicious update compromised roughly 7,000 users. This article has been indexed from CyberMaterial Read the original article: QuickLens Chrome Extension Steals Crypto
Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026
Torrance, United States / California, 2nd March 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026
How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization
The CVSS Blind Spot For years, CVSS scores have been the default metric for vulnerability severity. But severity does not equal risk. A CVSS 9.8 vulnerability that is never exploited is less dangerous than a CVSS 6.5 actively used in…
Memory scalpers hunt scarce DRAM with bot blitz
We can remember it for you wholesale, and sell it back to you for big bucks Web scraping bots are increasing the pressure on the tech supply chain by scouring sites for DRAM, so their minders can snap up increasingly…