Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...

Hacking the grid: How digital sabotage turns infrastructure into a weapon

The US used a cyberattack to turn off power in Caracas during the raid to seize Maduro. The US grid is also vulnerable to ...
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
Infosecurity Magazine

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

MCP is an open standard introduced by Anthropic in November 2024 to allow AI assistants to interact with tools such as ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...
CNET

Our Ultimate Alexa Command List: 200+ Voice Commands for Echos and Smart Homes

With more than a decade of experience, Nelson covers Apple and Google and writes about iPhone and Android features, privacy and security settings, and more. From ordering an Uber to managing your ...