1+ day, 12+ min ago  (255+ words) 108 Chrome extensions have been harvesting user identities, hijacking sessions, and silently backdooring users" web browsers. In parallel, 54 extensions were found abusing Google"s OAuth2 authentication flow to collect user profile data, including email addresses, names, profile images, and persistent Google account…...

5+ day, 15+ hour ago  (454+ words) The finding emerged during testimony in a recent criminal trial tied to an attack on an ICE detention facility in Texas. Details of the forensic technique surfaced during proceedings related to a July incident at the Prairieland ICE Detention Facility…...

1+ week, 17+ hour ago  (431+ words) A newly published security audit by Trail of Bits reveals that Whats App's privacy-preserving AI system initially contained multiple high-risk vulnerabilities that could have exposed user messages. All identified issues were addressed by Meta prior to the new feature's release....

1+ week, 5+ day ago  (211+ words) Meta has uncovered and disrupted a targeted spyware campaign that used a fake Whats App application to compromise users" devices. The operation has been attributed to ASIGINT, an Italian cyber-intelligence firm now facing formal action from the tech giant. Meta…...

2+ week, 1+ day ago  (310+ words) Telegram has publicly denied the existence of a high-severity vulnerability reportedly affecting its messaging platform, pushing back against claims tied to an upcoming disclosure from Trend Micro's Zero Day Initiative (ZDI). The company insists that the alleged attack vector, allegedly…...

2+ week, 3+ day ago  (336+ words) Apple has provided US law enforcement with the real identity behind an anonymized i Cloud email address generated using its "Hide My Email" feature, according to newly unsealed court documents. The disclosure was revealed through a federal affidavit first reported…...

2+ week, 4+ day ago  (224+ words) Shiny Hunters has leaked data from the latest iteration of the Breach Forums cybercrime marketplace, exposing hundreds of thousands of user records and prompting breach notifications from Have I Been Pwned (HIBP). The incident once again highlights the ongoing instability…...

2+ week, 5+ day ago  (394+ words) Reddit has announced new measures to distinguish human users from automated accounts, introducing bot labeling and limited human verification checks. The update was shared by Reddit CEO Steve Huffman (u/spez). He first disclosed these plans on March 21 during an…...

3+ week, 23+ hour ago  (436+ words) The FCC has added all foreign-produced consumer routers to its Covered List, effectively blocking authorization of new models for sale in the US over national security concerns. The move follows a government-wide determination that such routers pose significant supply chain…...

3+ week, 1+ day ago  (312+ words) The FBI has issued a new alert warning that Iranian government-backed hackers are leveraging Telegram as a command-and-control (C2) channel to distribute malware targeting dissidents, journalists, and opposition groups worldwide. According to the FBI FLASH bulletin, the activity is attributed to…...