Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

AI assistants apparently can't distinguish between instructions and data, and that is at the center of many zero-click prompt ...

A Chrome extension posing as an Amazon ad blocker was caught hijacking affiliate links in the background, redirecting commissions without user consent.

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, and critical CVEs.

Don’t delay, ensure Chrome is updated now as Google confirms an emergency security alert. CVE-2026-2441 exploited in the wild ...

Cloud security company Zscaler Inc. announced today that it has acquired browser security company SquareX Ltd. for an ...

Five extensions were doing all sorts of malicious acts, including stealing payment data.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

Researchers have analyzed a recently discovered Android malware named Keenadu that enables its operators to remotely control ...

Despite ongoing efforts by Google to tighten security, malicious browser extensions continue to find their way onto the Chrome Web Store — and into users’ ...

Security experts have uncovered dangerous Chrome extensions that promise or impersonate AI tools to steal sensitive data.