#chrome

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser add-ons collectively have about 20,905 active users. "

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP archive as a way to trigger the infection. The cybersecurity company's analysis is based on the ZIP

The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as HoldingHands RAT (aka Gh0stBins). "The campaign relied on phishing emails with PDFs that contained embedded malicious links," Pei Han Liao, researcher with Fortinet's FortiGuard

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 141.0.3537.85 10/17/2025 141.0.7390.107/.108

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent campaigns undertaken by the hacking group have seen the functions of BeaverTail and OtterCookie coming

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware," the Microsoft Threat Intelligence team said in a post shared on X. The tech

North Korea's Famous Chollima is back, merging BeaverTail and OtterCookie malware to target job seekers. Cisco Talos details the new threat. Keylogging, screen recording, and cryptocurrency wallet theft detected in an attack.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: HyperLynx and Industrial Edge App Publisher Vulnerability: Access of Resource Using Incompatible Type ('Type Confusion') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to perform arbitrary code execution via a crafted HTML page. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens HyperLynx: vers:all/* Siemens Industrial Edge App Publisher: vers:intdot/<1.23.5 3.2 VULNERABILITY OVERVIEW 3.2.1 ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION')...

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK).

In my 15 years as a software engineer, I’ve seen one truth hold constant: traditional databases are brilliant…