Stanley Malware-as-a-Service: Malicious Browser Extensions Bypassing Store Security

A newly identified malware-as-a-service (MaaS) platform called Stanley is offering cybercriminals ready-made malicious browser extensions with a promise that they will pass moderation and be published in the official Chrome Web Store. This model dramatically increases the potential scale of compromise by turning trusted extension ecosystems into delivery channels for phishing and data theft. New …

OnePlus Enables Hardware Anti-Rollback Protection in ColorOS, Putting Downgrades and Custom ROMs at Risk

Recent ColorOS builds for new OnePlus flagships introduce a strict hardware-backed Anti-Rollback Protection (ARB) mechanism that can effectively block downgrades and severely restrict the installation of older custom ROMs. According to reports from the modding community, attempting to revert to a previous firmware after installing these updates can in many cases lead to a fully …

Malicious VS Code AI Extensions Steal Source Code in MaliciousCorgi Campaign

Two malicious AI coding assistant extensions have been discovered in the official Visual Studio Code Marketplace, collectively amassing roughly 1.5 million installations. Behind the promised productivity gains, the plugins were silently exfiltrating source code and sensitive developer data to remote servers located in China, underscoring the growing risk of supply chain attacks targeting developer tools. …

1Password Introduces Built-In Phishing Protection for Suspicious and Look-Alike URLs

Phishing remains one of the most effective techniques for stealing passwords, even among users who rely on password managers. In response, 1Password has rolled out a new built-in phishing protection mechanism designed to detect suspicious and look-alike URLs and warn users before they enter their credentials on a potentially fraudulent site. How 1Password’s New Anti-Phishing …

Microsoft, BitLocker Recovery Keys, and Law Enforcement: Lessons from the Guam Investigation

In 2024, Forbes reported that Microsoft supplied law enforcement with BitLocker recovery keys to unlock Windows laptops seized in a COVID‑19 unemployment fraud investigation on Guam. This appears to be the first publicly documented case where Microsoft provided keys protecting full‑disk encryption on user devices, and it raises important questions about the real level of …

INC Ransomware: How Cyber Centaurs Recovered Victim Data from Attackers’ Own Backups

A rare incident response case has highlighted a critical blind spot in many organizations’ ransomware defenses. Cybersecurity firm Cyber Centaurs reports that it gained access to infrastructure linked to the INC ransomware operation, located encrypted backups stored by the threat actors themselves, and successfully restored data for 12 U.S. organizations previously hit by extortion attacks. …

GitLab Patches Critical 2FA Bypass and DoS Vulnerabilities: What DevSecOps Teams Must Know

GitLab has shipped out-of-band security updates to address a critical two-factor authentication (2FA) bypass and several denial-of-service (DoS) vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). Administrators of self-managed GitLab instances are strongly advised to deploy the patches without delay to reduce account takeover and service disruption risks. Critical GitLab 2FA bypass vulnerability …

Luxshare Ransomware Attack Puts Apple and Global Electronics Supply Chain Under Scrutiny

A major ransomware incident at Chinese electronics manufacturer Luxshare, one of Apple’s key contract partners, is drawing attention to the fragility of cybersecurity in global technology supply chains. The RansomHub ransomware group claims it has compromised Luxshare’s internal systems and is threatening to publish sensitive data related to multiple global brands if a ransom is …

Curl Ends HackerOne Bug Bounty After Surge of AI‑Generated Vulnerability Reports

The Curl project is phasing out its bug bounty program on HackerOne after a sharp rise in low‑quality, often AI‑generated vulnerability reports. Founder and lead developer Daniel Stenberg announced a staged shutdown, arguing that the program’s economics have been undermined by “AI slop” — superficially plausible but technically incorrect submissions that overwhelm a small security …

PhantomCore Phishing Campaign Uses PowerShell Backdoor Against Russian and Belarusian Organizations

In January, security analysts observed a new wave of targeted phishing attacks linked to the PhantomCore threat group. According to researchers at F6, large-scale campaigns took place on 19 and 21 January, focusing on organizations across key sectors of the Russian economy — including housing and utilities, finance, aerospace, and major online marketplaces — with …