The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

India's cyber security agency has issued security alert for Google Chrome browser: Check if you are affected and how to fix it

CERT-In has issued a high-severity warning for Google Chrome users, citing vulnerabilities that could allow remote code execution. The advisory urges users to update their browser to the latest ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Why automotive and battery manufacturers are replacing traditional duct systems with US tubing

Manufacturers are replacing traditional duct systems because long-term leakage, rising maintenance demands, and inconsistent ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

Apache Junction inks deal with Google for high-speed internet rollout

Google Fiber already serves Mesa, Chandler, Queen Creek and Tempe. The company opened a Mesa office in October.

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.

Microsoft’s new browser tool will make websites more keyboard-friendly

Half of all websites fail basic keyboard navigation. Microsoft's new browser tool wants to change that — and it only takes one HTML attribute to do it.
LinuxInsider

How to Harden Firefox for Better Security on Linux

This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry, and strengthen browser security.