HackMag

  • News
  • Mobile
  • Security
  • Malware
  • Coding
  • Unix
  • DevOps
  • HackMag

  • News
  • Mobile
  • Security
  • Malware
  • Coding
  • Unix
  • DevOps

More than 100 dual-function Chrome extensions hijack sessions and steal user credentials

📟 News

Date: 22/05/2025

Author: HackMag

According to DomainTools Intelligence (DTI), more than 100 malicious Chrome browser extensions disguised as VPN services, AI assistants, crypto utilities, etc. are used to steal cookies and covertly execute remote scripts.
Read full article →


Defendnot utility disables Microsoft Defender in Windows

📟 News

Date: 20/05/2025

Author: HackMag

A new tool called Defendnot can disable Microsoft Defender protection on Windows devices even if no real antiviruses are installed in the system.
Read full article →


Malware contained in NPM hides itself using Unicode-based steganography

📟 News

Date: 19/05/2025

Author: HackMag

A malicious package discovered in npm (node package manager) hides its code using invisible Unicode characters and uses Google Calendar links for communication with its C&C servers.
Read full article →


Customer support agents of Coinbase cryptocurrency exchange sold stolen user data to hackers

📟 News

Date: 16/05/2025

Author: HackMag

Coinbase, Inc., a cryptocurrency exchange with over 100 million users, announced that some rogue customer support agents sold customer data to cybercriminals. The extortionists demanded a 20 million USD ransom for nondisclosure of the stolen information.
Read full article →


Chrome employs AI to stop scammers

📟 News

Date: 14/05/2025

Author: HackMag

Google introduces a new security feature to Chrome. The new protection system uses the on-device Gemini Nano large language model (LLM) to detect and block scams while users are browsing the web.
Read full article →


OttoKit WordPress plugin targeted by massive attacks

📟 News

Date: 13/05/2025

Author: HackMag

Hackers exploit a critical privilege escalation vulnerability in the OttoKit (formerly SureTriggers) WordPress plugin to create new admin accounts on vulnerable sites.
Read full article →


Malicious Python packages exploit Gmail and WebSockets

📟 News

Date: 06/05/2025

Author: HackMag

Socket’s Threat Research Team discovered seven malicious Python packages that use Gmail SMTP servers and WebSockets for data exfiltration and remote command execution.
Read full article →


  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • …
  • 13
  • »

HackMag.com © 2025

Privacy Policy | Cookie Policy