The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

‘ClickFix’ hackers pose as VCs, hijack QuickLens in latest crypto attacks

Crypto hackers are expanding their ClickFix attacks using fake VC firms and a hijacked Chrome extension to steal wallet data ...