GitHub

TabSearch Browser Hijacker and Adware Program

TabSearch does not serve an explicit legitimate purpose for end users. Instead, its design and behavior align with monetization through advertising and forced redirects. The program changes browser ...
Finextra

Software Bundling and Free Tools: Hidden Hijacker Risks in Financial Workstations

Financial institutions handle huge amounts of confidential data. They require strong security controls year-round. Installing free software may introduce bundled ...
Bleeping Computer

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The ...
The Hacker News

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as ...
CSOonline

Atlas browser exploit lets attackers hijack ChatGPT memory

OpenAI’s Atlas browser is under scrutiny after researchers demonstrated how attackers can hijack ChatGPT memory and execute malicious code, without leaving traditional malware traces. Days after ...
Dexerto

TwitchCon PC allegedly had malware installed that forced streamer to change all her passwords

Twitch streamer Lululuvely revealed that the PC she used to stream from TwitchCon had a ‘hijacker’ program installed before she used it, potentially compromising her accounts. TwitchCon is Twitch’s ...
GitHub

browser_evaluate fails with "invalid JSON" error on large responses (potential Unicode serialization issue)

The browser_evaluate tool returns a 400 error when the evaluated JavaScript returns strings containing lone Unicode surrogates. The error manifests as: API Error: 400 ...
IEEE

Hephaistos: A Data Flow Analysis Framework for Identifying Browser Fingerprinting Functions in JavaScript

Abstract: With the increasing sophistication of web technologies in recent years, browser fingerprinting techniques have emerged as a widely used mechanism for uniquely identifying users based on ...
Tom's Guide

Google just fixed a major Chrome zero-day flaw — update your browser right now

For the fastest way to join Tom's Guide Club enter your email below. We'll send you a confirmation and sign you up to our newsletter to keep you updated on all the latest news. By submitting your ...
Ars Technica

Anthropic’s auto-clicking AI Chrome extension raises browser-hijacking concerns

As AI assistants become capable of controlling web browsers, a new security challenge has emerged: users must now trust that every website they visit won’t try to hijack their AI agent with hidden ...
SecurityWeek

China-Linked Hackers Hijack Web Traffic to Deliver Backdoor

Google researchers say China-linked UNC6384 combined social engineering, signed malware, and adversary-in-the-middle attacks to evade detection. A China-linked cyberespionage group has been hijacking ...