The Hacker News

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites | Read more hacking news on The Hacker News ...
Pen Test Partners

Eurostar AI vulnerability: when a chatbot goes off the rails

TL;DR Introduction I first encountered the chatbot as a normal Eurostar customer while planning a trip. When it opened, it ...

Eurostar chatbot security flaws almost left customers exposed to data theft

Luckily, Eurostar did not connect its customer information database with the chatbot, so at the time of discovery, there was ...
The Hacker News

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Researchers uncover malware campaigns using cracked software and compromised YouTube videos to deliver CountLoader, GachiLoader, and info stealers.

Cyberthreats targeting the 2025 holiday season – what CISOs need to know

Attackers began preparing months in advance, leveraging industrialised tools and services that enable them to scale attacks ...

OpenAI Admits Prompt Injection Is a Lasting Threat for AI Browsers

Security researchers have warned the users about the increasing risk of prompt injection attacks in the AI browsers.
Cybernews

Vincent AI phishing vulnerability found, 200K+ law firms at risk of credential and data theft

VLex's Vincent AI assistant, used by thousands of law firms worldwide, is vulnerable to AI phishing attacks that can steal ...
CyberWire

Daily Briefing for 12.18.25

HPE issues patch for maximum-severity OneView flaw. Chinese threat actor targets maximum-severity Cisco zero-day.