Research reveals how these simple Chrome extensions are hawking your privacy

Research shows that even simple Chrome extensions can quietly invade user privacy, with some hijacking clipboards, ...
The Hacker News

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.
PCQuestOpinion

Your AI assistant has full access to your life and that should worry you

Cloudflare’s Moltworker moves Moltbot into sandboxed cloud infrastructure, revealing why always-on AI agents are powerful, ...

Chrome Token-Theft Extensions, Nadella Europe Sovereignty, ChatGPT Age-Checks | Ep. 41

In today’s 2-Minute Tech Briefing, researchers flag fake Chrome productivity extensions stealing session tokens from Workday, ...

Fake Moltbot AI assistant just spreads malware - so AI fans, watch out for scams

Moltbot was originally called Clawdbot, but was recently renamed to avoid trademark issues, and is one of the more popular AI tools out there, with more than 93,000 stars on GitHub at press time. Its ...
Cryptopolitan

10,000 users’ OpenAI API keys have found stolen by fake Chrome AI extension

A Chrome browser extension posing as an artificial intelligence assistant is siphoning OpenAI credentials from more than ...
PCMag

Hackers Still Exploiting WinRAR Flaw Even Though Fix Was Released 6 Months Ago

WinRAR doesn't have an auto-update function, meaning PCs are vulnerable until you manually update. The bug is still being widely exploited, Google security researchers warn.
CSO Online

Sicarii ransomware locks your data and throws away the keys

A key-handling defect in the ransomware can permanently lock files by discarding private encryption keys, leaving affected ...
Dark Reading

'Stanley' Toolkit Turns Chrome Into Undetectable Phishing Vector

The malware-as-a-service kit enables malicious overlays on real websites without changing the visible URL, issuing a new ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...

A new malware service promises to skip Google's review process and get your malware straight onto the Chrome Store

A threat actor alias ‘Stenli’ (Stanley) recently started offering a service which basically guarantees that a malicious ...