SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Browser-based attacks hit 95% of enterprises — and traditional security tools never saw them coming

Omdia research shows 95% of organizations faced browser-based attacks last year. CrowdStrike's CTO and Clearwater Analytics' ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Cyber Daily

Hacked: US cyber agency adds six vulnerabilities to known-exploited listing

Microsoft zero-day vulnerability added to KEV Catalog alongside SmarterTools SmarterMail authentication bypass bug and ...