Hackers target dozens of VPN and AI extensions for Google Chrome to compromise data

As of Wednesday, a total of 36 Chrome extensions injected with data-stealing code have been detected, mostly related to artificial intelligence tools and virtual private networks.

The Record from Recorded Future News – ​Read More

China-Linked Cyber Threat Group Hacks US Treasury Department

Threat actors entered Treasury Department systems through BeyondTrust. The breach may be related to the Salt Typhoon attacks reported throughout the year.

Security | TechRepublic – ​Read More

Cybertruck explosion outside Trump hotel in Vegas leaves 1 dead, 7 injured

A Tesla Cybertruck that exploded and burst into flames Wednesday morning just outside the Trump International Hotel Las Vegas has left one person dead and seven people injured, according to the Las Vegas Metropolitan Police Department (LVMPD). Matthew Alan Livelsberger, a 37-year-old man who was an active duty U.S. Army Green Beret from Colorado Springs, […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

A recent claim that a critical zero-day vulnerability existed in the popular open-source file archiver 7-Zip has been met with skepticism from the software’s creator and other security researchers. 

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Volkswagen Breach Exposes Data of 800K EV Customers

Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands.

darkreading – ​Read More

US Arrests Army Soldier Over AT&T, Verizon Hacking

US soldier Cameron John Wagenius was arrested and charged over his suspected connection to presidential phone records leaks.

The post US Arrests Army Soldier Over AT&T, Verizon Hacking appeared first on SecurityWeek.

SecurityWeek – ​Read More

‘Bad Likert Judge’ Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs

A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.

darkreading – ​Read More

Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API

Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure.
The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform’s OData Web API Filter, while the third vulnerability is rooted in the FetchXML

The Hacker News – ​Read More

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them

In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS

The Hacker News – ​Read More

Chinese government hackers reportedly targeted US Treasury’s sanctions office during December cyberattack

Chinese government hackers targeted the U.S. Treasury’s highly sensitive sanctions office during a December cyberattack, according to reports. According to The Washington Post, the state-sponsored hackers targeted the Office of Foreign Assets Control (OFAC), a government department that imposes economic and trade sanctions against countries and individuals, to potentially access information on Chinese organizations that […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More