Vulnerabilities in password managers put browser trust under scrutiny
Researchers say some password managers can leak or alter credentials through browser-side flaws, challenging how users interpret encryption claims.
Fake AI assistants in Chrome Web Store steal passwords and spy on emails
Malicious AI-themed Chrome extensions are stealing passwords, hijacking sessions, and spying on email at alarming scale.
European governments breached in zero-day attacks targeting Ivanti
European institutions were hit in a wider Ivanti zero-day campaign, exposing the risks posed by compromised edge appliances.
New zero-click flaw in Claude Desktop extensions raises hard questions about AI app trust
LayerX says a zero-click flaw in Claude Desktop extensions could enable RCE, raising fresh concerns about AI app trust and endpoint security.
Ai security threats loom as enterprise usage jumps 91%
Zscaler’s AI findings suggest enterprise adoption is outpacing security, with prompt injection, data leakage, and risky integrations driving exposure.
Russian hacktivists intensify disruptive cyber pressure on UK orgs
The UK NCSC says Russian hacktivists are increasing disruptive attacks on critical sectors, with DDoS and defacements driving pressure.
Interlock ransomware targets Cisco enterprise firewalls
Interlock’s reported use of a critical Cisco firewall flaw shows how ransomware crews are turning edge-device bugs into stealthy enterprise breaches.
FBI seizes Handala data leak site after Stryker cyberattack
The FBI’s seizure of Handala sites after the claimed Stryker attack highlights rising destructive cyber risk across healthcare supply chains.
Darksword: iPhone exploit kit serves spies and thieves alike
DarkSword shows how advanced iPhone exploit chains can power both surveillance and theft, with targeted victims reported in four countries.
Five malicious Rust crates target CI/CD secrets through fake time utilities
Five malicious Rust crates on crates.io reportedly stole .env secrets from developer and CI/CD environments, raising supply-chain risk.
Hive0163’s Slopoly malware shows how AI can speed up ransomware operations
Reported Slopoly activity linked to Hive0163 suggests AI may be helping ransomware crews build persistence malware faster and cheaper.
Nine CrackArmor flaws in Linux AppArmor raise root escalation and container escape concerns
Qualys says nine AppArmor flaws can let unprivileged users gain root and weaken container isolation on affected Linux systems.