Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every…
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
î ‚Dec 13, 2025î „Ravie LakshmananZero-Day / Vulnerability Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS,…
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
î ‚Dec 05, 2025î „Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing…
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem…
Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
î ‚Nov 07, 2025î „Ravie LakshmananMobile Security / Vulnerability A now-patched security flaw in Samsung Galaxy Android devices was exploited…
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related…
Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with…
Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets
î ‚Oct 20, 2025î „Ravie LakshmananThreat Intelligence / Data Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday…
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
î ‚Oct 15, 2025î „Ravie LakshmananVulnerability / Threat Intelligence U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors…
OPINION: Unitary Executive Theory is a bad idea for computers, a worse one for presidents
Cybersecurity incidents have been in the news lately. Due to the disruptive and destructive nature of such incidents,…
One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief
î ‚Oct 04, 2025î „Ravie LakshmananAgentic AI / Enterprise Security Cybersecurity researchers have disclosed details of a new attack called…