The attack abused misconfigured conditional access policies to bypass multi-factor authentication protections.
The bug was reported to Apple over a year ago, but still nothing has been done.

Researchers at Socket found two “VPN Go” browser extensions for Chrome and Firefox that posed as free VPNs while quietly stealing clipboard data through later updates.

Norton’s scam detection will let you ask Claude whether an email or online deal looks suspicious without leaving the AI chatbot.
The Secret Service isn’t abiding by its own guidance, and it could be putting lives at risk.

Microsoft says the 119 malicious extensions were downloaded a total of 2.6 million times since 2021.

Operation Offsides was a coordinated takedown of sites illegal streaming World Cup games.

Russian Intelligence are trying to hijack Signal accounts by tricking users into sending their Backup Recovery Keys
The credentials were exposed via an attack on third-party software.

Researchers uncovered a fake tax notice campaign that delivered remote-access malware via staged downloads and encrypted communications.