The Register

High-severity flaw let malicious add-ons access system via browser's embedded AI feature

Security boffins have discovered a high-severity bug in Google Chrome that allowed malicious extensions to hijack its Gemini Live AI panel and inherit privileges they were never meant to have.…

Third-party software supplier breached leading to leak of notes

Around 15.8 million administrative files were stolen after attackers breached a software supplier to France's health ministry.…

Slow disclosure and odd reassurance that exposing names and contact details won't be a problem isn't going down well

Gamers are ready to unleash their mightiest virtual weapons and point them at British games studio Cloud Imperium, after it sat on news of a data breach and then announced it without fanfare.…

Crims hope for payday from malicious payloads rather than stealing access tokens

Microsoft has warned organizations about ongoing OAuth abuse scams that use phishing emails and URL redirects to infect victims' machines with malware and take over their devices.…

'Expect elevated activity for the foreseeable future'

Iranian hackers have launched spying expeditions, digital probes, and distributed denial of service (DDoS) attacks in the wake of the US and Israel launching missile strikes over the weekend, and security researchers urge organizations to expect more cyber intrusions as the war continues.…

NCSC urges all to review posture as escalating tensions increase risk of indirect digital spillover

The UK's cybersecurity agency is warning British organizations to brace for potential digital blowback as the Middle East conflict spills further into the online world.…

We can remember it for you wholesale, and sell it back to you for big bucks

Web scraping bots are increasing the pressure on the tech supply chain by scouring sites for DRAM, so their minders can snap up increasingly scarce inventory and resell it for a quick profit.…

Vulnerable citizens targeted by criminals purporting to represent fake police crisis department

Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned.…

PLUS: Firefox adds XSS protection; Leadership turnover at CISA; FTC exempts some data collection

Infosec In Brief  DNS vulnerabilities are being addressed 84 percent faster in the UK public sector thanks to an automated vulnerability scanning system established as part of a program kicked off early last year.…

Went from triumph at having busted tax dodgers to embarrassment at losing the proceeds

South Korea’s National Tax Service has apologized after it leaked passwords to a stash of stolen crypto, which parties unknown used to make off with the digi-cash.…