Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Your smart TV may be crawling the web for AI

Some TV apps let you watch programming with fewer ads, as long as you allow your TV to participate in a global proxy network.

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...