152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Fake Search Clicks
Socket says the extensions worked as wallpaper tools, but also logged user data, disguised install traffic as Google clicks, and fed ad sites.
Scam
15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys
Hackers are using 15 malicious JetBrains plugins posing as AI coding assistants to steal DeepSeek, OpenAI, and other developer API keys.
Amos Stealer Targets macOS Keychain Files and Browser Passwords
Amos Stealer targets macOS users through fake downloads, stealing Keychain files, browser passwords, cookies, and developer configs for data theft.
New Rokarolla Android Trojan Found Targeting 217 Crypto and Banking Apps
Zimperium researchers discover a new mobile Trojan that hijacks clipboards, blocks bank calls, and takes complete control of Android devices.
Hackers Hide New Argamal Malware Inside Working Hentai Games
Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents.
Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware
Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions.
FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders
The Justice Department and FBI seized 13 fake consulting websites that officials say targeted US clearance holders with paid research work designed to obtain sensitive government information.
Scammers Use TikTok and Instagram Reels to Spread Vidar Infostealer
ReversingLabs reveals how hackers exploit social media engagement metrics to deliver Vidar infostealer malware to thousands of unsuspecting users.
Maine Govt Portal Lists 10M Discord Data Breach Notice, But Filing Shows Red Flags
Maine Attorney General portal lists a Discord breach notice claiming 10 million affected, but odd filing details leave it unverified and questionable.
Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor
Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users.