Phishing - Browser Security Daily

Browser Security

Chrome Zero-Days & AI Agent Flaws Fuel Web Security Concerns

This newsletter is AI generated and may hallucinate sometimes 😊 OpenClaw AI Agent Flaws Expose Users to Prompt Injection and Data Theft * Researchers at Adversa AI uncovered critical prompt injection and sensitive data exfiltration vulnerabilities in OpenClaw, an open-source framework for AI agents. * The flaws enable attackers to manipulate AI agents

Browser Security

Browser Security: Phishing, Chrome, and Web Flaws Detected

This newsletter is AI generated and may hallucinate sometimes 😊 Starkiller Phishing Suite Bypasses MFA with AiTM Reverse Proxy * The Starkiller phishing suite actively employs Adversary-in-the-Middle (AiTM) reverse proxy techniques to effectively bypass multi-factor authentication (MFA) protections. * This sophisticated campaign intercepts user credentials and authenticated session cookies, allowing attackers to hijack

Browser Security

Browser Security: npm Malware, SocGholish, Ducktail, Darcula Threats

This newsletter is AI generated and may hallucinate sometimes 😊 Self-Spreading npm Malware Targets Developers via Discord and Private Packages * A new self-spreading npm malware, dubbed 'BiBi', infects development machines by modifying `~/.bashrc` or `~/.zshrc` to exfiltrate environment variables and credentials to Discord webhooks. * The malware propagates by automatically

Browser Security

Chrome Emergency Patch, Phishing Services, and Browser-Related Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 ‘Starkiller’ Phishing Service Proxies Real Login Pages and MFA * Starkiller is a new phishing-as-a-service (PhaaS) platform that leverages sophisticated reverse proxy technology to intercept login credentials and bypass multi-factor authentication (MFA). * Operating since early 2026, the service targets high-value corporate accounts

Browser Security

Browser Security Roundup: Edge, Chrome Extensions, AI Phishing & React RCE

This newsletter is AI generated and may hallucinate sometimes 😊 zkLogin: when ZKP is not enough * Critical vulnerabilities discovered in zkLogin blockchain authorization, despite using zero-knowledge proofs. * Identified flaws include JWT parsing ambiguities, weak token binding, centralization risks, and impersonation attacks. * Zero-knowledge proofs alone do not guarantee secure authentication, due to

Browser Security

German Agencies Warn of Signal Phishing Campaigns Exploiting Browsers

This newsletter is AI generated and may hallucinate sometimes 😊 * German intelligence agencies BSI and BfV issued a joint warning regarding an active phishing campaign targeting high-profile individuals, including politicians, military personnel, and journalists, via the Signal messaging app. * This campaign leverages sophisticated social engineering to deceive victims into clicking malicious

Browser Security

RedKitten Campaign Steals Browser Data from NGOs & Activists

This newsletter is AI generated and may hallucinate sometimes 😊 Iran-Linked RedKitten Campaign Targets NGOs with Browser Data Theft * A cyber campaign dubbed "RedKitten," linked to Iran, is actively targeting human rights NGOs and activists, particularly those focusing on Iran, with sophisticated social engineering and custom malware. * The campaign

Browser Security

Browser Security Roundup: ClickFix Phishing, PeckBirdy C2, React Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 ClickFix Attacks Expand Using Fake CAPTCHAs and Trusted Web Services * The ClickFix phishing campaign has evolved, now leveraging fake CAPTCHAs, Microsoft JavaScript files, and reputable web services to steal user credentials. * Attackers are exploiting Microsoft's Content Delivery Network (CDN)

Browser Security

Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

This newsletter is AI generated and may hallucinate sometimes 😊 * A sophisticated multi-stage phishing campaign is actively targeting various entities in Russia, including government, defense, and research organizations. * The attack chain involves spear-phishing emails delivering malicious ISO files or self-extracting RAR archives, which subsequently deploy the Amnesia RAT (also known as

Browser Security

Chrome Patches Critical V8 Vulnerability; LastPass Phishing Active

This newsletter is AI generated and may hallucinate sometimes 😊 Malicious Google Calendar invites could expose private data * Vulnerability in Google Calendar allowed prompt-injection instructions in invites to bypass privacy controls. * Malicious invites leveraged Google Gemini to create events summarizing private meetings, exposing data. * Google fixed the issue, but warns of

Phishing

New 'Greatness' Phishing Platform Targets M365 Users in Browser Attacks

This newsletter is AI generated and may hallucinate sometimes 😊 New 'Greatness' Phishing-as-a-Service Platform Emerges Targeting Microsoft 365 Users * The "Greatness" Phishing-as-a-Service (PhaaS) platform is actively being offered to threat actors, providing advanced phishing kits to facilitate credential harvesting. * This platform specifically targets Microsoft 365 users, employing

Browser Security

Browser Threats: GoldPickaxe, Opera Neon AI Prompt Injection

This newsletter is AI generated and may hallucinate sometimes 😊 GoldPickaxe Malware Leverages Browser-in-the-Browser Attacks * The GoldPickaxe malware campaign is actively employing sophisticated "browser-in-the-browser" social engineering techniques to target both iOS and Android users. * Attackers are using this method to steal sensitive information, including facial scan data and various