GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
The Hacker News

A Browser Extension Risk Guide After the ShadyPanda Campaign

Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...

7 CISA Security Rules Every Android User Should Know

Following a reported surge in espionage activity, the agency in charge of countering cyber threats in the U.S. has updated ...

Illegal Downloads of ‘One Battle After Another’ Contain Dangerous Malware

Bitdefender reports that some torrents of One Battle After Another currently available online contain PowerShell scripts and ...

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...
Intelligencer on MSNOpinion

What You Will — and Won’t — Find in the Epstein File Dump

On December 19, at long last, the files will be made public — at least the ones Pam Bondi decides not to hold back.

5 ways to scour the dark web for your data after Google kills its free report

Google's support page has confirmed the closure, of which some users were initially notified via email. Scans for new dark web data breaches will stop on Jan. 15, 2026, and by Feb.16, 2026, the report ...