Fake Perplexity extension on Chrome Web Store tracked searches

A malicious extension has been discovered on the Chrome Web Store, masquerading as a legitimate tool from the popular Perplexity AI answer engine. The extension, called “Search for perplexity ai,” intercepts search traffic and collects browsing information, potentially exposing users to further exploitation. Microsoft Threat Intelligence researchers have shed light on the fake extension’s inner … Read more

What the Numbers Say About FIFA 2026 Cyber Risk

As the world gears up for the highly anticipated FIFA 2026 tournament, cybersecurity experts are sounding the alarm about a new and concerning threat: software vulnerabilities discovered by AI models. It’s not just gamers who should be worried – companies that provide services to the tournament, sponsors, and even fans could be at risk of … Read more

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

A disturbing trend has been uncovered in the world of iOS apps, with research revealing that numerous artificial intelligence-powered applications are leaking sensitive API keys and opening up access to AI proxy services through network traffic. The findings, published by a team of researchers, have left many wondering how these vulnerabilities were missed in the … Read more

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks

A critical vulnerability has been exposed in GuardFall, an open-source artificial intelligence (AI) coding agent designed to identify and remediate software vulnerabilities. The flaw allows attackers to inject malicious code into systems, exploiting a decades-old weakness known as shell injection. This security lapse affects not only users of the tool but also organizations that rely … Read more

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

A Sophisticated Attack on Cryptocurrency Wallets: Silent Swap Crypto Clipper Exposed A new and insidious threat has emerged, targeting cryptocurrency holders with a seemingly innocuous Google Chrome extension that’s actually a stealthy wallet address changer. Dubbed “Silent Swap Crypto Clipper,” this malicious tool is disguised as a legitimate note-taking app, allowing attackers to quietly swap … Read more

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

A critical vulnerability in SimpleHelp, a popular remote desktop support software, has been exploited by attackers to deploy malware and steal sensitive data. The CVE-2026-48558 flaw, discovered by researchers, allows malicious actors to inject arbitrary code on vulnerable systems, making it an attractive target for cybercriminals. The exploitation of this vulnerability is particularly concerning due … Read more

What the Numbers Say About FIFA 2026 Cyber Risk

As the soccer world gears up for the FIFA World Cup 2026, cybersecurity experts are sounding the alarm about a critical threat lurking in the shadows of the tournament’s digital infrastructure. Researchers have uncovered an alarming number of software vulnerabilities in various systems connected to the event, with AI-powered tools playing a key role in … Read more

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

A staggering number of iOS apps utilizing artificial intelligence (AI) have been found to be leaking sensitive API keys and exposing access to open AI proxies through network traffic, according to a recent study published on The Hacker News. This alarming discovery affects a significant portion of mobile users, making it essential for individuals and … Read more

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks

A recent discovery involving GuardFall, an open-source platform that leverages artificial intelligence (AI) coding agents, has exposed users to decades-old shell injection risks. The vulnerability, which affects organizations utilizing AI-driven development tools like GuardFall, highlights a pressing concern in modern cybersecurity: the potential for sophisticated threats to be exploited through previously known vulnerabilities. GuardFall’s AI-powered … Read more