While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

For decades, web architecture has followed a familiar and frankly exhausting pattern. A dominant approach emerges, gains near ...

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...

The now-patched flaw is the latest in a growing string of security issues with the viral AI tool, which has seen rapid adoption among developers.

It suggests that most real-world AI deployments are not as reckless as some narratives imply. The most common issues we observed were familiar ones: weak defaults, excessive permissions, and poor ...