Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...
SecurityWeek

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft’s latest Patch Tuesday updates fix 165 vulnerabilities, including a SharePoint zero-day that has been exploited in ...

Microsoft adds Windows protections for malicious Remote Desktop files

Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection ...
CNET

The Feds Took Down a 'Full-Service Cybercrime Platform' Behind $20M in Phishing

The W3LL phishing kit helped criminals steal tens of thousands of account credentials, primarily targeting Microsoft 365 ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...