serisec

Category: Browser

  • Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

    Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you’re job hunting, what religion you are, and whether you have ADHD. And none of this is mentioned…

  • New “Prompt Poaching” Attack Steals Users’ AI Conversations via Malicious Browser Extensions

    New “Prompt Poaching” Attack Steals Users’ AI Conversations via Malicious Browser Extensions For many users, engaging with an AI assistant requires opening a dedicated browser tab, which inherently isolates the AI from other browsing activities. While this separation improves privacy, it reduces usefulness and context. To bridge this gap, AI-powered browser extensions have surged in…

  • Beware! Fake ChatGPT browser extensions are stealing your login credentials

    Beware! Fake ChatGPT browser extensions are stealing your login credentials If you’ve installed a browser extension to enhance your ChatGPT experience, you might want to think again. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley

  • The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser

    The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser In episode 74 of The AI Fix, we meet Amazon’s AI-powered delivery glasses, an AI TV presenter who doesn’t exist, and an Ohio lawmaker who wants to stop people from marrying their chatbot. Also, we learn how Geoffrey Hinton and…

  • Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner

    Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hope to the post-quantum scramble:…

  • OpenAI is to Launch a AI Web Browser in Coming Weeks

    OpenAI is to Launch a AI Web Browser in Coming Weeks OpenAI is reportedly preparing to release an artificial intelligence-enhanced web browser within the coming weeks, marking the company’s latest expansion beyond its popular ChatGPT platform. The new browser will feature integrated AI agent capabilities designed to autonomously handle various online tasks, positioning OpenAI as…

  • Tor Browser 14.0.6 Released, What’s New!

    Tor Browser 14.0.6 Released, What’s New! The Tor Project has officially launched Tor Browser 14.0.6, addressing a critical crash issue affecting users on older macOS systems. This latest update incorporates several technical improvements, ensuring enhanced stability and performance across platforms. Tor Browser is built on Firefox ESR (Extended Support Release) and incorporates advanced privacy features…

  • PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability

    PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553).  The issue stems from improper handling of directory listing paths on the router’s web interface. When a specially crafted URL is accessed,…