How digital thieves use fake profiles and invites to scam your friends

Shhhhhhh. It’s a Surprise!” But something triggered my spider senses. The email address was legitimate. I double-checked. But it came from a fellow church member with whom I wasn’t close enough ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

I nearly lost ALL my funds on Microsoft Teams call: This new crypto scam looks 100% real

A growing number of crypto founders, traders, creators and even seasoned crypto professionals are being targeted by a new kind of attack, one that doesn't look like a hack at all. This is a ...

Man clicks on Google search result—horror when he realizes what he's done

A man clicked on a Google search result and shared his immediate regrets in a Reddit post.

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

This simple email trick saves me from annoying marketing spam (and it's free to do)

But most importantly, after covering numerous sale events like Black Friday and Prime Day, I've learned how to avoid the ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

Hackers use fake CAPTCHA schemes to put info-stealing viruses on your devices; here’s how to stay safe

If you've ever had to log into an online account, you're likely familiar with a CAPTCHA ID verification box.

Cybersecurity Experts Warn: This Common Email Habit Is a Gift to Hackers

Your email address is your identity, so you should treat it with care. Here’s how.

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...

How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel

How A Roblox Cheat Triggered A $2 Million Breach At Vercel. Why The Vercel Incident Changes The Economics Of Enterprise AI ...