Over half a million VKontakte accounts hijacked using malicious Chrome extensions

Five extensions were doing all sorts of malicious acts, including stealing payment data.
The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

New Amazon Attack Warnings — What 300 Million Customers Need To Know

As new warnings of attacks against Amazon users are posted to Facebook and X, here’s what you need to know and do.

The Rise of Credential Stuffing Attacks

Credential stuffing attacks use stolen passwords to log in at scale. Learn how they work, why they’re rising, and how to ...

Substack Breach May Have Leaked Nearly 700,000 User Details Online

Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 ...

30 fake AI Chrome extensions caught stealing passwords and more

Security experts have uncovered dangerous Chrome extensions that promise or impersonate AI tools to steal sensitive data.