Author: Declan Murphy
The comfort of AI chatbots has include a hidden price for almost one million Chrome customers. On December 29, 2025, cyber risk defence consultants at OX Safety revealed that two common browser extensions have been secretly recording non-public conversations and sending them to exterior servers. This discovery is a part of a disturbing new development that researchers at Safe Annex have named Immediate Poaching, the place attackers particularly goal the delicate questions and proprietary knowledge we feed into instruments like ChatGPT. Malicious Chrome Extensions The 2 instruments on the centre of OX Analysis’s investigation are “Chat GPT for Chrome with…
Jan 08, 2026Ravie LakshmananPrivateness / Synthetic Intelligence Synthetic intelligence (AI) firm OpenAI on Wednesday introduced the launch of ChatGPT Well being, a devoted house that permits customers to have conversations with the chatbot about their well being. To that finish, the sandboxed expertise affords customers the non-obligatory means to securely join medical data and wellness apps, together with Apple Well being, Perform, MyFitnessPal, Weight Watchers, AllTrails, Instacart, and Peloton, to get tailor-made responses, lab check insights, diet recommendation, customized meal concepts, and steered exercise courses. The brand new characteristic is rolling out for customers with ChatGPT Free, Go, Plus, and…
Menace actors are persevering with to refine “quishing” phishing delivered via QR codes by shifting from conventional image-based payloads to “imageless” QR codes rendered immediately in e mail HTML, a tactic designed to sidestep safety instruments that concentrate on decoding QR photographs. QR code abuse just isn’t new, however it stays efficient as a result of the person expertise is frictionless: a fast scan launches a browser session on a cell machine, usually outdoors the protected boundary of company endpoints and e mail inspection workflows. Cloudflare notes that QR phishing regularly bypasses standard defenses as a result of many controls…
Researchers have launched particulars a couple of vital vulnerability that was silently patched in n8n, a platform utilized by many firms to construct LLM-powered brokers and automatic workflows. The flaw can permit unauthenticated attackers to fully take over native n8n deployments, execute instructions on the underlying system, and extract delicate company information workflows sometimes have entry to. “The blast radius of a compromised n8n is huge,” researchers from information safety firm Cyera, who discovered the vulnerability, famous of their report on the vulnerability. “N8n is connecting numerous methods, your organizational Google Drive, OpenAI API keys, Salesforce information, IAM methods, cost…
Safety groups have spent years bettering their means to detect and block malicious bots. That effort stays crucial. Automated visitors now makes up greater than half of all net visitors, and bot-driven assaults proceed to develop in quantity and class. What has modified is the position of respectable bots and the way little visibility most safety groups have into their habits. So-called good bots now account for a big share of automated visitors. Search engine crawlers index content material. AI methods scrape pages to coach fashions and generate responses. Agentic AI is starting to work together with purposes on behalf…
Jan 07, 2026Ravie LakshmananCommunity Safety / Vulnerability A newly found important safety flaw in legacy D-Hyperlink DSL gateway routers has come below energetic exploitation within the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS rating: 9.3), considerations a case of command injection within the “dnscfg.cgi” endpoint that arises because of improper sanitization of user-supplied DNS configuration parameters. “An unauthenticated distant attacker can inject and execute arbitrary shell instructions, leading to distant code execution,” VulnCheck famous in an advisory. “The affected endpoint can also be related to unauthenticated DNS modification (‘DNSChanger’) conduct documented by D-Hyperlink, which reported energetic exploitation campaigns concentrating on…
ESET Analysis has uncovered a major surge in CloudEye malware detections, with a 30-fold improve within the second half of 2025. The safety agency detected greater than 100,000 an infection makes an attempt over the six months, signaling a widespread menace affecting organizations globally. CloudEyE operates as a Malware-as-a-Service (MaaS) downloader and cryptor designed to hide and deploy secondary payloads together with Rescoms, Formbook, and Agent Tesla identified data stealers and distant entry trojans. The proliferation of CloudEyE represents a notable shift in malware distribution ways, leveraging the rising ecosystem of ransomware-as-a-service and malware-as-a-service platforms. By functioning as a stealthy…
“Open WebUI shops the JWT token in localStorage,” Cato researchers mentioned in a weblog put up. “Any script working on the web page can entry it. Tokens are long-lived by default, lack HttpOnly, and are cross-tab. When mixed with the execute occasion, this creates a window for account takeover.”The assault requires the sufferer to allow Direct Connections (disabled by default) and add the attacker’s malicious mannequin URL, based on an NVD description. Escalating to Distant Code Execution The chance doesn’t cease at account takeover. If the compromised account has workspace.instruments permissions, attackers can leverage that session token to push authenticated…
Singapore Cyber Company Warns of Crucial IBM API Join Vulnerability (CVE-2025-13915) A essential authentication bypass flaw, CVE-2025-13915, impacts IBM API Join. Singapore points alert as IBM releases fixes. Overview The Cyber Safety Company of Singapore has issued an alert relating to a essential vulnerability affecting IBM API Join, following the discharge of official safety updates by IBM on 2 January 2026. The flaw, tracked as CVE-2025-13915, carries a CVSS v3.1 base rating of 9.8, putting it among the many most extreme vulnerabilities presently disclosed for enterprise automation software program. In keeping with IBM’s safety bulletin, the difficulty stems from an authentication bypass weak point that would permit a distant attacker to realize unauthorized…
Menlo Park, India, January sixth, 2026, CyberNewsWire AccuKnox, a world chief in Zero Belief Cloud-Native Software Safety Platforms (CNAPP), has appointed Connex Data Applied sciences as its authorised distribution companion throughout South and Southeast Asia. The partnership aligns AccuKnox with Connex, a world value-added distributor that has steadily expanded its regional footprint since its founding in 2014. Connex operates in 14 international locations and helps a community of over 1,500 channel companions throughout its world footprint spanning Asia-Pacific, the Center East, Africa, and Oceania. For AccuKnox, the settlement represents a sensible step towards deeper regional attain, favouring localised execution and…