Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets
Image: madedee/Adobe A once-trusted Chrome extension with thousands of users was quietly transformed into a malware delivery vehicle, exposing how...
Security
Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records
Image: Jacob Barone's Law Enforcement Photography's photo/Flickr The Department of Homeland Security (DHS) may have been breached… with thousands of...
Phishing campaign exploits OAuth redirection to bypass defenses
Phishing campaign exploits OAuth redirection to bypass defenses Pierluigi Paganini March 03, 2026 Microsoft researchers warn that threat actors abuse...
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Android devices hit by exploited Qualcomm flaw CVE-2026-21385 Pierluigi Paganini March 03, 2026 Google confirms that the Qualcomm Android vulnerability...
Chrome security flaw enabled spying via Gemini Live assistant
Chrome security flaw enabled spying via Gemini Live assistant Pierluigi Paganini March 03, 2026 A Google Chrome vulnerability lets malicious...
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Ravie LakshmananMar 03, 2026Vulnerability / Mobile Security Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm...
AWS Data Centers Hit: Drone Strikes Cripple Cloud
Image: StackCommerce Amazon Web Services said drone strikes damaged three Middle East data center facilities, disrupting service for customers in...
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity Pierluigi Paganini March 02, 2026 UK’s NCSC warns...
Latest OpenClaw Flaw Can Let Malicious Websites Hijack Local AI Agents
The list of vulnerabilities and other security problems connected to the OpenClaw AI personal assistant introduced in late January...
The AI Exchange: Innovators in Payment Security Featuring Checkout.com
Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature...
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch Pierluigi Paganini March 02, 2026 Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513...
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems Pierluigi Paganini March 02, 2026 North Korea-linked APT 37...
Randall Munroe’s XKCD ‘Proof Without Content’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security...
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site Pierluigi Paganini March 02, 2026 Ukrainian citizen Yurii Nazarenko...
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Ravie LakshmananMar 02, 2026Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by...
