Blog – Page 241 – Cyber Mike

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager.
The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support.

The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appeared first on SecurityWeek.

npm’s Update to Harden Their Supply Chain, and Points to Consider

In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community.
Let’s start with the original

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025.

The post CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities appeared first on SecurityWeek.

Microsoft fixes bug that blocked Google Chrome from launching

Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. […]

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr.
“Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors,” Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. “Attackers are abusing

Chrome 145 Patches 11 Vulnerabilities

Three of the security defects are high-severity flaws, two of which were found and reported by Google.

The post Chrome 145 Patches 11 Vulnerabilities appeared first on SecurityWeek.

China Revives Tianfu Cup Hacking Contest Under Increased Secrecy

Rewards for exploits are reportedly much smaller than in the contest’s glory days.

The post China Revives Tianfu Cup Hacking Contest Under Increased Secrecy appeared first on SecurityWeek.

Russia tries to block WhatsApp, Telegram in communication blockade

The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under its control intensifies. […]

Bitwarden introduces ‘Cupid Vault’ for secure password sharing

Bitwarden has launched a new system called ‘Cupid Vault’ that allows users to safely share passwords with trusted email addresses. […]

Cyber News