Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
Tom's Hardware on MSN

HWMonitor and CPU-Z developer CPUID breached by unknown attackers

Unknown attackers compromised the CPUID website, redirecting users to malware laden versions of popular tools.

Police union pulls support for city attorney after leak of thousands of LAPD files

A data breach at the city attorney's office led to a massive cache of LAPD files being dumped online. Here's what we know ...

This clever Shortcut lets you download latest Artemis II images directly from NASA [U: updated shortcut]

Download full high quality Artemis II images with this easy to install and clever shortcut directly from NASA to your photo ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Vivaldi for Android finally kills the need for external PDF apps

Stop jumping between apps just to read a document. Vivaldi for Android's latest build is here to supercharge your workflow with built-in PDF support.
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...

LinkedIn scanning users’ browser extensions sparks controversy and two lawsuits

LinkedIn is facing two lawsuits over its practice of scanning users’ browsers to determine which extensions they’re running.

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.