serisec

Category: Google Chrome

  • 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users

    108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and injecting unwanted ads and scripts into browsers – all reporting back to the same central point. Read more in my article on…

  • Patch Tuesday, April 2026 Edition

    Patch Tuesday, April 2026 Edition Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe…

  • Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

    Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing LinkedIn has been secretly scanning your browser for over 6,000 installed extensions — on every single click you make. It can tell if you’re job hunting, what religion you are, and whether you have ADHD. And none of this is mentioned…

  • Beware! Fake ChatGPT browser extensions are stealing your login credentials

    Beware! Fake ChatGPT browser extensions are stealing your login credentials If you’ve installed a browser extension to enhance your ChatGPT experience, you might want to think again. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley

  • Patch Tuesday, June 2025 Edition

    Patch Tuesday, June 2025 Edition Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The sole…

  • The AI Fix #44: AI-generated malware, and a stunning AI breakthrough

    The AI Fix #44: AI-generated malware, and a stunning AI breakthrough In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5 Pro Experimental and nobody notices, and Mark invents a clock for measuring…

  • ClickFix: How to Infect Your PC in Three Easy Steps

    ClickFix: How to Infect Your PC in Three Easy Steps A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes…

  • Microsoft Patch Tuesday, February 2025 Edition

    Microsoft Patch Tuesday, February 2025 Edition Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name…

  • Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT

    Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk…