Security News

MINJA sneak attack poisons AI models for other chatbot users
2025-03-11 08:37

Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements....

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
2025-03-10 14:47

Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect...

⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
2025-03-10 09:46

Cyber threats today don't just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new...

Week in review: How QR code attacks work and how to protect yourself, 10 must-reads for CISOs
2025-03-09 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How QR code attacks work and how to protect yourself While QR codes are convenient, they also...

Unpatched Edimax IP camera flaw actively exploited in botnet attacks
2025-03-07 18:36

A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]

PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
2025-03-07 04:42

Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability...

Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
2025-03-06 15:39

Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. [...]

Malicious Chrome extensions can spoof password managers in new attack
2025-03-06 14:19

A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive...

Outsmarting Cyber Threats with Attack Graphs
2025-03-06 12:14

Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to...

Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks
2025-03-06 00:47

Xi's freelance infosec warriors apparently paid up to $75K to crack a single American inbox US government agencies announced Wednesday criminal charges against alleged members of China's Silk...