In a study, researchers from Stanford University and the CISPA Helmholtz Center for Information Security highlighted that over the past three years, 280 million Chrome extension installs contained malware. Many of these malicious extensions have been available in the Chrome store for a long time. Extensions with malware have lasted over a year (380 days), and those with vulnerable code have lasted over 1,248 days. Such extensions can steal plain-text passwords, drain bank accounts, and more. This article continues to discuss the threat of browser backdoors.

According to a new report from Palo Alto Networks' Unit 42, organizations are introducing over 300 new services monthly, making up about 32 percent of high or critical cloud exposures. The company warned that the rapid expansion of digital services is making the cybersecurity landscape increasingly complex. It is becoming more difficult for businesses and government entities to keep an accurate inventory of their Information Technology (IT) assets, which attackers gravitate toward.

Tenable researchers found vulnerabilities in Microsoft's Azure Health Bot Service that threat actors could have used to access sensitive data. Healthcare organizations can build and deploy Artificial Intelligence (AI)-powered virtual health assistants using the Azure Health Bot Service. Some of these chatbots may need access to sensitive patient information to do their jobs. Tenable discovered a data connection feature that lets bots interact with external data sources.

The Computer Emergency Response Team of Ukraine (CERT-UA) recently announced that more than 100 Ukrainian government computers have been compromised following a mass phishing campaign.  It was noted that the attackers impersonated the Security Service of Ukraine in the emails to lure targets into clicking on a malicious link that leads to ANONVNC malware being downloaded onto the device.

A team of researchers from Germany's CISPA Helmholtz Center for Information Security discovered an architectural flaw, codenamed "GhostWrite," affecting the Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs. Attackers could exploit the bug to gain unrestricted access to vulnerable devices. The GhostWrite vulnerability is a direct CPU bug embedded in the hardware instead of a side-channel or transient execution attack.

The most successful team in DEF CON's Capture-the-Flag (CTF) competition history, Carnegie Mellon University's (CMU) "Plaid Parliament of Pwning" (PPP), won its third consecutive title, earning its eighth victory. DEF CON's flagship competition gathers cybersecurity professionals, researchers, and students to break each other's systems, steal virtual flags, and accumulate points while protecting their own systems. As cyberattacks rise worldwide, such events allow top cybersecurity engineers to compete and learn new techniques.

The company Nightfall AI found that secrets such as passwords and Application Programming Interface (API) keys were most often found in GitHub. Every year, about 350 total secrets are exposed per 100 employees. Thirty-five percent of the discovered API keys were still active, increasing vulnerability to privilege escalation attacks, data leaks, and breaches.

Nearly 2.7 billion records of personal information for people in the US were leaked on a popular hacking forum. The records include names, Social Security numbers (SSNs), known physical addresses, and more. The leaked data is alleged to have come from National Public Data, a company that collects and sells access to personal data for background checks, criminal record searches, and private investigations. This article continues to discuss the leak of 2.7 billion data records by hackers.

Adobe recently released fixes for 72 security vulnerabilities across multiple products and warned that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks. The company noted that the patches address critical security defects in Adobe Acrobat and Reader, Illustrator, Photoshop, InDesign, Adobe Commerce, and Dimension and is warning that the most severe of these vulnerabilities could allow attackers to take complete control of a target machine.

The Federal Bureau of Investigation (FBI) has partnered with law enforcement in the UK and Germany to dismantle Information Technology (IT) infrastructure linked to the ransomware group called "Dispossessor" or "Radar." According to the FBI, the group targets small and medium-sized businesses (SMBs) in the production, development, education, healthcare, financial services, and transportation sectors. This article continues to discuss the dismantling of the Radar/Dispossessor ransomware.