Over 20,000 users have been affected by 108 malicious Chrome extensions stealing Google and Telegram data. Disguised as legitimate tools, these extensions exposed user data by stripping security headers. Is your browser vulnerable? Discover how to safeguard yourself against this growing threat by checking your extensions now…

Discover how the BITTER APT group is deceptively spreading ProSpy spyware by disguising it as popular apps like Signal and Zoom. Targeting journalists and civil society in MENA, this campaign marks a new shift in cyber espionage, stealing valuable data from unsuspecting Android users’ devices…

CISA adds six exploited vulnerabilities to its catalog, affecting Fortinet, Microsoft, and Adobe software. These flaws are actively targeted by attackers. Organizations must prioritize patching these vulnerabilities promptly to protect against SQL injection, prototype pollution, and more. Critical vulnerabilities in Microsoft Exchange Server are particularly concerning…

Security researchers uncovered 108 malicious Chrome extensions endangering 20,000 users by stealing sensitive account data. Linked to a single operation, they exploit OAuth2, session hijacking, and more. If you’ve installed extensions from Yana Project, GameGen, and others, remove them for safety…

Choosing between OpenAI and Anthropic Claude is crucial for enterprises. OpenAI excels in multimodal applications, while Anthropic’s Claude is ideal for long-context processing. Many companies leverage both to balance workloads and compliance needs. Understanding their strengths and safety approaches is key to informed decisions…

Anthropic’s groundbreaking Claude Mythos Preview autonomously surpasses experts in finding and exploiting software vulnerabilities. Backed by Project Glasswing’s $100M, it’s changing cybersecurity’s landscape. With vulnerability-to-exploitation timelines collapsing from months to minutes, businesses must brace for a new era of AI-driven defensive strategies…

Hackers are embedding credit card-stealing code within pixel-sized SVG images on Magento sites. Nearly 100 stores are affected by this advanced attack. The malicious code, hidden in plain sight, secretly captures your card info in real time during checkout. Learn how to spot these threats before you shop…

CVE-2026-35616 is a critical zero-day in FortiClient EMS, affecting versions 7.4.5 and 7.4.6, actively exploited with a CVSS score of 9.1. The flaw enables unauthorized commands via an unauthenticated API layer. Emergency hotfixes are available—act now before attackers reach your environment…

The European Commission confirmed a cyberattack targeting its AWS cloud infrastructure, exposing 350 GB of sensitive data, including employee information. With no ransom demanded, the attacker plans to leak the data, highlighting urgent cybersecurity challenges for EU institutions as they strengthen their defenses…

Anthropic, a leading AI safety company, inadvertently exposed nearly 3,000 sensitive files, including details of an unreleased AI model and private CEO retreat info, due to a CMS error. The incident highlights that even top tech firms are vulnerable to basic security oversights…