Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

How to Spot a ‘Sleeper’ Browser Extension That’s Actually Malware

Malicious extensions occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. Some of them only morph into malware after gaining ...
The Hacker News

ToddyCat's New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, including using a custom tool dubbed TCSectorCopy.
The New York Times

A Swath of Bank Customer Data Was Hacked. The F.B.I. Is Investigating.

SitusAMC, a technology vendor for real estate lenders, holds sensitive personal information on the clients of hundreds of its banking customers, including JPMorgan Chase. By Rob Copeland Stacy Cowley ...
The New York Times

Anthropic Says Chinese Hackers Used Its A.I. in Online Attack

The company claimed that A.I. did most of the hacking with limited human input and said it was a rapid escalation of the technology’s use in cybercrime. By Meaghan Tobin and Cade Metz Meaghan Tobin ...