Google is broadening its spam policies to crack down on “back button hijacking,” a deceptive practice where websites interfere with browser navigation, blocking users from returning to the page they came from. Instead, users are usually redirected to pages they…
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a “velocity gap”…
OpenAI Updates Apps After North Korean Axios Hack
OpenAI to require macOS users to update apps after hack of Axios tool by North Korean attackers affects authentication mechanism This article has been indexed from Silicon UK Read the original article: OpenAI Updates Apps After North Korean Axios Hack
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Attackers target unpatched ShowDoc servers via CVE-2025-0520
A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the…
ChatGPT under scrutiny as Florida investigates campus shooting
New cases and research suggest AI chatbots don’t always shut down dangerous conversations. This article has been indexed from Malwarebytes Read the original article: ChatGPT under scrutiny as Florida investigates campus shooting
Nightclub Giant RCI Hospitality Reports Data Breach
The company said in an SEC filing that an IDOR vulnerability affecting RCI Internet Services exposed contractor data. The post Nightclub Giant RCI Hospitality Reports Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
IT Security News Hourly Summary 2026-04-14 12h : 4 posts
4 posts were published in the last hour 9:36 : Consumer Chatbots See High Error Rates For Health Queries 9:36 : Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware 9:36 : “Pics or it didnt happen” – What BlueHammer tells…
Consumer Chatbots See High Error Rates For Health Queries
Study finds error rates of above 80 percent when consumer AI chatbots try to diagnose cases where limited information is available This article has been indexed from Silicon UK Read the original article: Consumer Chatbots See High Error Rates For…
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross‑platform malware chain that ends with the PHANTOMPULSE remote access trojan. Attackers pose as a venture capital firm targeting financial and cryptocurrency professionals, first engaging…
“Pics or it didnt happen” – What BlueHammer tells us about Vulnerability Disclosure
Last week, reports circulated about an unpatched security vulnerability in Microsoft Windows. The “BlueHammer” 0-day vulnerability allows a normal user to gain system-level privileges. Microsoft allegedly refused to accept a report about the vulnerability—because video proof was missing. This article…
AI adoption is outpacing the safeguards around it
AI is becoming part of both professional and private life, reaching mainstream adoption faster than the personal computer or the internet. These systems are now tested in reasoning, safety, and real-world tasks, but the reliability of those measurements remains uncertain.…
Oracle Expands Fuel-Cell Deal With Bloom Energy
Oracle to buy up to 2.8 GW of fuel-cell power from Bloom Energy, as it seeks quicker roll-out of AI data centre infrastructure This article has been indexed from Silicon UK Read the original article: Oracle Expands Fuel-Cell Deal With…
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
Cybersecurity researchers have highlighted a critical vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams. Tracked as CNVD-2020-26585, this severe security flaw allows unauthenticated remote code execution (RCE) on compromised servers. The vulnerability poses a significant…
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Organizations Warned…
Over Permissive and Proliferating, AI-Driven Browser Extensions Create Security Blindspots
How many browsers extensions do you have running? Most enterprise users have at least one and seven out of ten have seen an extension expand its permissions over the last 12 months—with AI extensions being the worst offenders…by sixfold. The…
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting…
Hackers Steal Healthcare Recruitment Data
Hackers claim to have stolen detailed data from Dublin-based healthcare recruitment platform, including background-check information This article has been indexed from Silicon UK Read the original article: Hackers Steal Healthcare Recruitment Data
The Treatment Was Successful. Unfortunately the Patient Died
Explore the debate between “Cyber Nirvana” and the “Vulnpocalypse” as AI tools like Anthropic’s Mythos threaten to collapse the traditional security model in a “supernova” event. The post The Treatment Was Successful. Unfortunately the Patient Died appeared first on Security…
Hackers Target Rockstar Ahead Of GTA VI Launch
Hackers say they plan to release stolen data after targeting Rockstar Games Snowflake instance, ahead of GTA VI launch this year This article has been indexed from Silicon UK Read the original article: Hackers Target Rockstar Ahead Of GTA VI…
OpenAI Suspends Stargate UK Plan
OpenAI signs lease for first permanent London office, after pausing plans for AI infrastructure project that was part of wider US investment This article has been indexed from Silicon UK Read the original article: OpenAI Suspends Stargate UK Plan
SAP Patch Day Fixes Critical SQL Injection, DoS, and Code Injection Flaws
SAP released its monthly Security Patch Day updates, addressing 19 new security notes and one update to a previously released note. According to the official SAP Support Portal, these patches resolve severe vulnerabilities, including critical SQL injection, Denial of Service…
Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity…
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its…