Agentic browsers powered by LLMs bring productivity—and alarming new vulnerabilities. Explore how attackers exploit AI agents for hijack and data theft in the next generation of web browsers.
A massive cluster of Chrome extensions has been exposed for stealing Google and Telegram account data from at least 20,000 users. The extensions, disguised as games and utilities, funneled stolen credentials to a common backend and injected malicious scripts across the web.
AI-powered browser extensions are quietly infiltrating enterprise environments, often escaping detection and carrying significant security risks. Learn how these tools have become a new, dangerous attack vector—and what organizations must do to regain control.
A critical zero-day vulnerability in Adobe Reader is being exploited with malicious PDFs targeting Russian oil and gas sectors. The attack requires no user interaction beyond opening the file, allowing hackers to steal data and potentially launch more severe attacks. No fix is available yet, so users must exercise extreme caution.
STX RAT, a sophisticated new malware, combines hidden remote desktop access with advanced infostealing, using fileless techniques and strong encryption to evade detection. Learn how this threat operates and what defenders can do to fight back.
A new wave of ransomware attacks is bypassing file encryption in favor of pure data theft, leaving backup strategies obsolete and reputations on the line. Learn how cybercriminals are exploiting this silent revolution—and what it means for your defenses.
IBM’s flagship authentication products are under fire after multiple critical vulnerabilities were revealed, exposing organizations to remote attacks, privilege escalation, and data theft. Learn what’s at risk and how to respond.
A breach at a SaaS integration provider has triggered targeted data theft and extortion attacks—primarily against Snowflake customers—highlighting the risks of interconnected cloud ecosystems.
A Chrome extension claiming to block ChatGPT ads instead spied on users, stealing their conversations and sending them to hackers. The incident highlights new risks in browser extension security.
CrystalRAT has burst onto the cybercrime scene, offering hackers a toolkit that blends classic data theft and remote access with disruptive pranks. Discover how this malware-as-a-service is targeting users and luring new cybercriminals with its mischievous features.