Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable Driver (BYOVD) attack aimed at disarming security solutions installed on compromised hosts. The vulnerable driver in question is "amsdk.sys" (version 1.0.600), a 64-bit, validly signed Windows kernel device driver

The Hacker News
Open in Source
#vulnerability#web#mac#windows#google#microsoft#git#intel#backdoor#alibaba#auth#chrome#The Hacker News
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large

When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures

8 Malicious NPM Packages Stole Chrome User Data on Windows

JFrog researchers found eight malicious NPM packages using 70 layers of obfuscation to steal data from Chrome browser…

Fake Facebook Ads Push Brokewell Spyware to Android Users

A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware…

CVE-2025-9478: Chromium: CVE-2025-9478 Use after free in ANGLE

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.125 8/28/2025 139.0.7258.154/.155

Google Big Sleep AI Tool Finds Critical Chrome Vulnerability

Make sure your Chrome browser is updated to the latest version to stay protected.

China Hijacks Captive Portals to Spy on Asian Diplomats

The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites.

🔍 Vulners Lookup – augmented CVE reality

🔍 Vulners Lookup – augmented CVE reality. Yesterday, VulnCheck unveiled a prototype Chrome/Chromium plugin that highlights CVE identifiers on any website and shows a popup with vulnerability details, including whether the vulnerability is in the VulnCheck KEV (an extended CISA KEV). ⚡️ The Vulners team saw this news, loved the idea, and built their own […]