AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...

Google rushes Chrome update fixing two zero-days already under attack

Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has ...
CSO Online

Google warns of two actively exploited Chrome zero days

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive ...
Việt Báo

3.5 billion Google Chrome users receive urgent warning.

Google has just released an emergency Chrome update to patch two dangerous zero-day vulnerabilities being exploited by ...
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Chrome Users Beware! Indian Govt Warn Users Of A High-Risk Alert: Steps On How To Stay Safe

CERT-In warned that older versions of Google Chrome contain critical vulnerabilities that are being actively exploited by ...
Security Boulevard

Google patches two Chrome zero-days under active attack. Update now

Google has released an out-of-band Chrome update to patch two zero-day vulnerabilities that are already being actively ...
The Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.
Windows Latest

Microsoft appears to be dumping native Copilot for Windows 11 in favour of web wrapper yet again

Later in the same year, Microsoft claimed it began rolling out a “native” version of Copilot, which was not exactly native, ...

Critical Google Chrome Security Bug—Visiting Web Page Executes Attack

Google has confirmed CVE-2026-3913, a critical security vulnerability in Chrome. one that could enable a remote code execution attack simply by visiting a web page.