Anthropic patches critical zero-click flaw in Claude Chrome extension
A zero-click XSS flaw in the Claude Chrome extension allowed any website to inject malicious prompts, risking data theft before Anthropic issued a pat
LinkedIn secretly scans for over 6,000 Chrome extensions, collects data
A new "BrowserGate" report reveals LinkedIn's hidden script that scans for 6,000+ Chrome extensions, raising major privacy and user profiling concerns
Drone strikes deep inside Russia signal a new phase of asymmetric warfare
An in-depth analysis of the November 2023 drone strikes on Tolyatti and Taganrog, revealing a sophisticated strategy to disrupt Russia's war effort.
AI assistant finds critical code execution flaws in Vim and Emacs
A security researcher used simple prompts with the Claude AI to discover critical remote code execution bugs in Vim and Emacs, both now patched.
European Commission confirms major data breach linked to software supply chain attack
Over 300GB of data, including personal information, was stolen from the European Commission in a supply chain attack targeting its AWS environment.
Beyond the battlefield: Iran's cyber arsenal and the threat to US infrastructure
Geopolitical friction between the U.S. and Iran fuels a shadow war in cyberspace, with Iranian APTs targeting critical infrastructure with destructive
Anatomy of a swarm: Deconstructing Russia's hybrid drone attacks on Ukraine
A deep dive into Russia's large-scale drone attacks on Ukraine, analyzing the cyber-physical technology, the impact on critical infrastructure, and st
XR headsets could use your skull's vibrations to log you in
Emerging research details a biometric system that uses the unique skull vibrations from a user's heartbeat and respiration to provide continuous authe
Blast radius of TeamPCP attacks expands amid hacker infighting
A complex web of supply chain attacks, data breaches, and conflicting claims from groups like TeamPCP, Lapsus$, and ShinyHunters creates chaos for def
Beyond the missiles: A deep dive into Iran's state-sponsored cyber arsenal
While headlines focus on Iran's missile program, its state-sponsored cyber arsenal poses a more immediate threat through espionage and destructive att
Microsoft begins force-upgrading Windows 11 PCs to unreleased 24H2 version
Microsoft is automatically upgrading some Windows 11 23H2 PCs to the unreleased 24H2 version, raising concerns over stability and user control.
Beyond the strait: Iran's cyber threat to global maritime and energy sectors
Geopolitical tensions in the Strait of Hormuz have a cyber dimension, with Iranian APTs targeting maritime and energy sectors with destructive malware