Dec 29, 2025Ravie LakshmananEndpoint Protection / Browser Security A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their … [Read more...] about 16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
Exposing
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request … [Read more...] about Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data
May 25, 2024NewsroomMachine Learning / Data Breach Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed unauthorized access to the AI … [Read more...] about Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data
MongoDB Suffers Security Breach, Exposing Customer Data
Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, … [Read more...] about MongoDB Suffers Security Breach, Exposing Customer Data
Exposing the Harsh Truths of Cyberattacks in New Report
Aug 31, 2023The Hacker News How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of … [Read more...] about Exposing the Harsh Truths of Cyberattacks in New Report
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Aug 12, 2023THNVulnerability / Privacy Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s desk phones and Zoom's Zero Touch … [Read more...] about Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Reddit Suffers Security Breach Exposing Internal Documents and Source Code
Feb 10, 2023Ravie LakshmananData Breach / Source Code Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "sophisticated and highly-targeted phishing attack" … [Read more...] about Reddit Suffers Security Breach Exposing Internal Documents and Source Code
Exposing hidden cyber supply chain risks
We’re all tired of shortages. Things we took for granted are now hard to find or cost a lot more. Maybe you opened a new online account to locate that thing you need. Ah, the feeling of relief when it finally arrived. But what if that’s when your real troubles began? Let’s rewind. When you opened that new account, you added a new vendor to your personal supply chain. You handed … [Read more...] about Exposing hidden cyber supply chain risks
SWEED: Exposing years of Agent Tesla campaigns
Threat Research By Edmund Brumaghin and other Cisco Talos researchers. Executive summary Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we’re calling “SWEED,” including such notable malware as Formbook, Lokibot and Agent Tesla. Based on our research, SWEED — which has been … [Read more...] about SWEED: Exposing years of Agent Tesla campaigns