ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
LayerX found that BioShocking could trick AI browsers into leaking credentials by disguising malicious prompts as game rules.
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
Chrome has been automatically downloading Gemini Nano (a 4GB AI model) to users' computers without notification or an easy way to prevent it. Alex Valdes from Bellevue, Washington has been pumping ...