NGINX servers hijacked in global campaign to redirect traffic

Redirected traffic can be abused in multiple ways, experts warn ...

If You've Installed Any of These 17 Browser Extensions, Delete Them Now

Another wave of malicious browser extensions capable of tracking user activity have been found across Chrome, Firefox, and Edge. Some of them may have been active for up to five years.
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar ...
Ars Technica

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...