Aggregator
131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store
Over the past several months, cybersecurity researchers have observed a surge of fraudulent Chrome extensions masquerading as legitimate WhatsApp Web automation tools. These 131 rebranded clones, each presenting as distinct offerings, share an identical codebase designed to automate bulk messaging and scheduling without user consent. By injecting custom scripts directly into the WhatsApp Web interface, […]
The post 131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store appeared first on Cyber Security News.
CVE-2025-62696 | Springboard Extension on Mediawiki command injection (EUVD-2025-35132 / WID-SEC-2025-2341)
CVE-2025-62694 | WikiLove Extension 1.39 on Mediawiki cross site scripting (EUVD-2025-35130 / WID-SEC-2025-2341)
CVE-2025-62693 | LastModified Extension up to 1.38 on Mediawiki cross site scripting (EUVD-2025-35084 / WID-SEC-2025-2341)
CVE-2025-62657 | PageForms Extension 1.44 on MediaWiki cross site scripting (EUVD-2025-35104 / WID-SEC-2025-2341)
CVE-2025-62656 | GlobalBlocking Extension 1.43/1.44 on MediaWiki cross site scripting (EUVD-2025-35105 / WID-SEC-2025-2341)
国家授时中心遭受攻击的背后:核心风险与防范
专家解读 | 我国生成式人工智能用户规模实现翻一番
评论 | “授时战”拉响网络空间安全新警报
发布 | 中国移动发布《智慧城市低空应用人工智能安全白皮书》
专家解读 | 《国家能源局关于加强用户侧涉网安全管理的通知》
专题·网络靶场 | 基于软件定义网络靶场构建的欺骗防御体系
CVE-2025-11715 | Mozilla Firefox up to 143 memory corruption (EUVD-2025-34200 / Nessus ID 270625)
CVE-2025-11715 | Mozilla Thunderbird up to 143 memory corruption (EUVD-2025-34200 / Nessus ID 270625)
CVE-2025-11714 | Mozilla Firefox up to 143 memory corruption (EUVD-2025-34204 / Nessus ID 270392)
CVE-2025-11714 | Mozilla Thunderbird up to 143 memory corruption (EUVD-2025-34204 / Nessus ID 270392)
New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 2025, GlassWorm hijacks developer machines via invisible Unicode code, harvests credentials, drains cryptocurrency wallets, and transforms infected systems […]
The post New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.