Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. "They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud

The Hacker News
Open in Source
#vulnerability#web#google#git#java#intel#perl#pdf#chrome#The Hacker News
How to Use Passkeys With Google Password Manager (2025)

Google can create and manage passkeys from your browser, but the process is more involved than it suggests.

New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting "active senior

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re protecting key systems or locking down cloud apps, these are the updates you need before making your next security

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner. "The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments," Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with The

Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner

FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer (data theft) and PureMiner (cryptojacking) to Windows PCs.

New SVG-based phishing campaign is a recipe for disaster

Another phishing campaign using SVG files to trick targets. This delicious-looking recipe turns out to hide malicious code.

CVE-2025-10892: Chromium: CVE-2025-10892 Integer overflow in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208

CVE-2025-10891: Chromium: CVE-2025-10891 Integer overflow in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208

CVE-2025-10890: Chromium: CVE-2025-10890 Side-channel information leakage in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208