OpenAI is offering ChatGPT Plus, which costs $20 in the United States, for free, but the offer is valid for some accounts only, and it’s a limited-time deal. […]
Fake ad blocker extension crashes the browser for ClickFix attacks
A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. […]
New PDFSider Windows malware deployed on Fortune 100 firm’s network
Ransomware attackers targeting a Fortune 100 company in the finance sector used a new malware strain, dubbed PDFSider, to deliver malicious payloads on Windows systems. […]
Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism.
The vulnerability, Miggo Security’s Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar’s privacy controls by hiding a dormant
The vulnerability, Miggo Security’s Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar’s privacy controls by hiding a dormant
UK govt. warns about ongoing Russian hacktivist group attacks
The U.K. government is warning of continued malicious activity from Russian-aligned hacktivist groups targeting critical infrastructure and local government organizations in the country in disruptive denial-of-service (DDoS) attacks. […]
Hacker admits to leaking stolen Supreme Court data on Instagram
A Tennessee man has pleaded guilty to hacking the U.S. Supreme Court’s electronic filing system and breaching accounts at the AmeriCorps U.S. federal agency and the Department of Veterans Affairs. […]
TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking
The researcher who discovered the vulnerability saw more than 2,500 internet-exposed devices.
The post TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking appeared first on SecurityWeek.
Jordanian pleads guilty to selling access to 50 corporate networks
A Jordanian man has pleaded guilty to operating as an “access broker” who sold access to the computer networks of at least 50 companies. […]
Jordanian Admits in US Court to Selling Access to 50 Enterprise Networks
Operating as an access broker, the defendant sold unauthorized access to compromised networks to an undercover agent.
The post Jordanian Admits in US Court to Selling Access to 50 Enterprise Networks appeared first on SecurityWeek.
‘SolyxImmortal’ Information Stealer Emerges
The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks.
The post ‘SolyxImmortal’ Information Stealer Emerges appeared first on SecurityWeek.