DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft
î ‚Aug 20, 2025î „Ravie LakshmananVulnerability / Browser Security
Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be...
Gh0st RAT-based GodRAT attacks financial organizations
Summary
In September 2024, we detected malicious activity targeting financial (trading and brokerage) firms through the distribution of malicious .scr (screen saver) files disguised as...
Keeping an Eye on MFA-Bombing Attacks
I recently woke up (as one does each day, hopefully) and saw a few Microsoft MFA prompts had pinged me overnight. Since I had...
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme – Krebs on Security
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage...
Poisoned Calendar invites, ChatGPT, and Bromide • Graham Cluley
A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after...
D3f4ult – Darknet Diaries
Full Transcript
This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the...
