Browser Hijack
-
Posted: October 14, 2025Views: 13Read moreKandji uncovers a September 2025 campaign where attackers clone Homebrew sites to inject malware like Odyssey Stealer via clipboard tricks—exploit C2 servers and bypass trust; mitigate by verifying sources and using endpoint monitoring. -
Read moreAttackers use zero-day in Edge's IE Mode Chakra engine to trick users into legacy reloads, enabling RCE and SYSTEM access for malware. Microsoft disabled easy triggers—configure manually via Settings, migrate from IE, and prioritize modern web standards to stay secure. -
Read morePublic Wi-Fi exposes you to MitM attacks and data theft—learn to spot evil twin hotspots, use VPNs for encryption, enable 2FA, and stick to cellular for sensitive tasks to protect against rising breaches in cafes and airports. -
Read moreLayerX uncovers CometJacking, exploiting Perplexity’s AI browser via malicious URLs to steal Gmail/Calendar data—tricks AI into Base64-encoded exfiltration, bypassing safeguards. Urgent call for AI security-by-design amid rising agentic threats. -
Read moreMalicious browser extensions SocialMetrics Pro and Madgicx Plus steal Facebook session cookies and credentials to hijack Meta Business accounts. Learn how these fake tools target advertisers via malvertising and fake websites. -
Read moreSecurity researchers demonstrate how Google's Gemini AI bot can be hijacked to control smart home devices using invisible prompts. Learn about the implications for generative AI security. -
Read moreDiscover critical vulnerabilities in NVIDIA's Triton Inference Server that allow unauthenticated attackers to execute code and take control of AI servers. Learn about the risks and necessary updates." -
Posted: June 10, 2025Views: 24Read moreLearn about a critical vulnerability in Google's account recovery system that allowed attackers to access any user's phone number through a brute-force attack, highlighting the importance of security audits for legacy systems. -
Read moreA dangerous new cyberattack method called Browser-in-the-Middle (BitM) is allowing hackers to steal user sessions within seconds—completely bypassing Multi-Factor Authentication (MFA). This technique tricks users into logging in through an attacker-controlled browser, giving hackers full access to their accounts. -
Read moreA large-scale phishing attack has compromised 16 popular Chrome browser extensions, exposing over 600,000 users to data theft and credential breaches. The campaign exploited legitimate extension publishers, injecting malicious code into their products to steal sensitive information such as cookies and access tokens.
Recent Posts
