Jaguar Land Rover (JLR) revealed this week that a September 2025 cyberattack led to a 43% decline in third-quarter wholesale volumes. […]
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control.
The names of the extensions, which collectively have over 900,000 users, are below –
The names of the extensions, which collectively have over 900,000 users, are below –
Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI (ID:
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain full control of the device.
The flaw, CVE-2025-65606 (CVSS score: N/A), has been characterized as a flaw in the firmware-upload error-handling logic, which could cause the device to inadvertently start
The flaw, CVE-2025-65606 (CVSS score: N/A), has been characterized as a flaw in the firmware-upload error-handling logic, which could cause the device to inadvertently start
Sedgwick confirms breach at government contractor subsidiary
Claims administration and risk management company Sedgwick has confirmed that its federal contractor subsidiary, Sedgwick Government Solutions, was the victim of a security breach. […]
Hacker Conversations: Katie Paxton-Fear Talks Autism, Morality and Hacking
From dismantling online games as a child to uncovering real-world vulnerabilities, Katie Paxton-Fear explains how autism, curiosity, and a rejection of ambiguity shaped her path into ethical hacking.
The post Hacker Conversations: Katie Paxton-Fear Talks Autism, Morality and Hacking appeared first on SecurityWeek.
How generative AI accelerates identity attacks against Active Directory
Generative AI is accelerating password attacks against Active Directory, making credential abuse faster and more effective. Specops Software explains how AI-driven cracking techniques exploit weak and predictable AD passwords. […]
Cyber Risk Trends for 2026: Building Resilience, Not Just Defenses
We can’t outpace the adversary by trying to stop every attack, but we can outlast them by engineering systems and culture to take a punch and try to quickly rebound.
The post Cyber Risk Trends for 2026: Building Resilience, Not Just Defenses appeared first on SecurityWeek.
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Using fake accounts and synthetic data to lure the hackers, the researchers gathered information on their servers.
The post Researchers Trap Scattered Lapsus$ Hunters in Honeypot appeared first on SecurityWeek.
Critical Dolby Vulnerability Patched in Android
The flaw is tracked as CVE-2025-54957 and its existence came to light in October 2025 after it was discovered by Google researchers.
The post Critical Dolby Vulnerability Patched in Android appeared first on SecurityWeek.
Sophisticated ClickFix Campaign Targeting Hospitality Sector
Fake Booking reservation cancellations and fake BSODs trick victims into executing malicious code leading to RAT infections.
The post Sophisticated ClickFix Campaign Targeting Hospitality Sector appeared first on SecurityWeek.