1+ hour, 40+ min ago  (621+ words) Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. A vulnerability in Chrome could have allowed malicious extensions to hijack the browser's AI assistant to spy on users and exfiltrate data,…...

1+ hour, 45+ min ago  (626+ words) Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. A vulnerability in the OpenClaw AI assistant could have allowed attackers to hijack agents by luring victims…...

17+ hour, 31+ min ago  (8+ words) Google Working Towards Quantum-Safe Chrome HTTPS Certificates'SecurityWeek...

2+ day, 17+ hour ago  (462+ words) Names, addresses, email addresses, phone numbers, and encrypted passwords were compromised in the attack. More than 38 million accounts were affected by an October 2025 data breach at Canadian retail giant Canadian Tire. The incident was discovered on October 2 and involved unauthorized…...

3+ day, 15+ hour ago  (515+ words) Hackers stole personal information such as names, email addresses, phone numbers, and other information. Roughly 38 million people were likely impacted by a data breach at European DIY store chain ManoMano after hackers compromised a support portal. The attack occurred in…...

3+ day, 21+ hour ago  (556+ words) CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio. Gardyn smart indoor hydroponic gardens were until recently affected by potentially serious vulnerabilities that could have been exploited for remote…...

4+ day, 15+ hour ago  (544+ words) Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files. Check Point researchers discovered serious vulnerabilities in Anthropic's Claude Code tool that could have allowed attackers to silently gain control of a developer's computer. The…...

4+ day, 17+ hour ago  (475+ words) The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution. Networking provider Zyxel this week released patches for multiple vulnerabilities across dozens of device models, including a critical flaw leading to remote…...

4+ day, 19+ hour ago  (542+ words) TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products. TrendAI, the new name of Trend Micro's enterprise business, on Wednesday announced patches for several critical and high-severity vulnerabilities found in the Windows and macOS…...

4+ day, 19+ hour ago  (706+ words) Already added to CISA's KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. Cisco on Wednesday rolled out emergency patches for a critical Catalyst SD-WAN zero-day vulnerability that has been exploited in the wild. Tracked as…...