Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a "Featured" badge and six million users…
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been…
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
Dec 15, 2025Ravie LakshmananRansomware / Cybercrime The pro-Russian hacktivist group known as…
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies…
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released…
Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises:…
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Dec 13, 2025Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure…
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Dec 13, 2025Ravie LakshmananZero-Day / Vulnerability Apple on Friday released security updates…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted…