Malicious Mac extensions steal crypto wallets and passwords

Mac users face new security threat as malware infiltrates trusted extension marketplaces, targeting cryptocurrency wallets ...

Malicious Chrome extensions caught stealing sensitive data

Chrome extensions called "Phantom Shuttle" stole user data for years before Google removed them from the Chrome Web Store ...
Security Boulevard

Widely Used Malicious Extensions Steal ChatGPT, DeepSeek Conversations

Threat actors used two malicious Chrome extensions that have 900,000 users to steal their chats with AI models like ChatGPT and DeepSeek and browser history. The incident is the latest in a growing ...
Krebs on Security

Calendar Meeting Links Used to Spread Mac Malware

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly, a popular application for scheduling appointments and ...
Ars Technica

384,000 sites pull code from sketchy code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript ...
Ars Technica

Backdoor found in widely used Linux utility targets encrypted SSH connections

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. Because the backdoor was discovered ...
Dark Reading

Malicious ChatGPT Extensions Add to Google Chrome Woes

Yet another version of the malicious, Facebook account-stealing ChatGPT browser extension for Google Chrome has emerged, representing a new variant in a campaign affecting thousands of users daily.