Skip to main content

Tag: web security

6 articles

Laptop screen displays rogue login prompt with generic logo and username field.

Polyfill Compromise Targets Major Websites with Rogue Login Prompts

Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.

Analyst 207
Laptop on a home office desk with a blank screen, smartphone, and notebook nearby.

Google Chrome Bolsters Defenses with Cookie Theft Protection Rollout

Google's new Cookie Theft Protection is a game-changer, tying session cookies to device hardware to prevent hackers from using stolen cookies to access your accounts. This cutting-edge tech binds user sessions to a machine's security chip, making it virtually impossible for thieves to get in.

Analyst 207
Dimly lit server room with rows of computer servers and storage equipment, some screens displaying abstract interfaces.

Shadow AI Exposes 2,000 Vibe-Coded Apps with Sensitive Data

A shocking discovery by Red Access revealed over 2,000 apps with sensitive corporate, operational, or personal data exposed online, leaving countless organizations vulnerable to risk. These apps, found on popular vibe-coding platforms, were often deployed without basic security controls, granting open access to sensitive information.

Analyst 207
Rows of computer servers and racks in a dimly lit server room with exposed cables, conveying a sense of vulnerability.

cPanel Vulnerability Exposes Millions of Domains to Root Access Attacks

A critical cPanel vulnerability, rated 9.8 under CVSS, has been discovered, allowing attackers to craft a simple sequence of requests to bypass authentication and gain root access to servers, putting millions of domains at risk. Emergency patches are available to fix this gaping security flaw.

Analyst 207
Person in dark room surrounded by screens with varied images, face obscured, eyes fixed on one screen, with shattered…

Google Chrome Fails to Thwart Browser Fingerprinting

If a browser claims to be safe but fails to block one of the easiest ways for advertisers to track you online, can it really be considered safe? Google Chrome, despite its reputation for security, surprisingly leaves users vulnerable to browser fingerprinting, a pervasive tracking method that can uniquely identify and follow you around the web.

Analyst 207
Shadowy figure lurks near glowing laptop and smartphone screens in a dark setting.

Malicious Chrome Extensions Infiltrate Web Store, Compromise User Data

Malicious Chrome extensions, masquerading as harmless tools, have infiltrated the official Web Store, putting millions of users' data at risk by stealing sensitive tokens, planting backdoors, and running ad fraud. Over 100 of these rogue add-ons have been identified, highlighting a growing threat in a marketplace we thought was safe.

Analyst 207