Aggregator

Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links

Cyber Security News
3 days 12 hours ago

Hackers are finding new ways to trick people into downloading malware, and this time, they are hiding behind tools many of us have come to trust. A newly uncovered cryptojacking campaign is abusing AI chatbot interactions to steer unsuspecting users toward malicious software download sites. The threat is quiet, convincing, and surprisingly easy for anyone […]

The post Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links appeared first on Cyber Security News.

Tushar Subhra Dutta

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

The Hackers News
3 days 12 hours ago
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That's according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as well as mobile users in Brazil. The
The Hacker News

我在韩先楚身边的日子

青衣十三楼飞花堂
3 days 12 hours ago
他回忆同他搭过班子的政治委员时说:“袁升平为人品德很好。政治工作经验丰富,平易近人。我们合作很好。”紧接着他自我总结分析说:“我就是与叶飞没合作好。”

M3RX

Dark Feed IO
3 days 13 hours ago

You must login to view this content

cohenido

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

The Hackers News
3 days 13 hours ago
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropic's Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. The
The Hacker News

《巫师3》将于明年推出新资料片《旧时曲》

Solidot
3 days 13 hours ago
CD PROJEKT RED 宣布《巫师3》的第三部资料片《旧时曲(Songs of the Past)》将于明年推出。《巫师3:狂猎》于 2015 年 5 月发布,2015 年 10 月与 2016 年 6 月分别发布了两个资料片《石之心》和《血与酒》。《巫师3》饱受赞誉,至今销量逾 6000 万份,是史上最畅销的游戏之一。《旧时曲》由 CD PROJEKT RED 与 Fool’s Theory 联合开发,Fool’s Theory 由之前参与《巫师》系列的前 CD PROJEKT RED 开发者组建,它正在开发的一个项目是第一部《巫师》的重制版。在《旧时曲》中,玩家将再次扮演猎魔人利维亚的杰洛特,开启一段全新的冒险之旅。更多信息将于夏末公布。这部资料片被广泛视为是为即将推出的《巫师4》预热。

Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes

Cyber Security News
3 days 13 hours ago

A hidden system application bundled with Motorola smartphones has been caught intercepting user-initiated Amazon app launches and silently redirecting them through affiliate tracking URLs, raising serious concerns about supply chain integrity, user consent, and undisclosed revenue practices on premium Android devices. The behavior was first reported by a Motorola Razr 60 Ultra user on Reddit, […]

The post Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes appeared first on Cyber Security News.

Guru Baran

CVE-2026-46090 | Linux Kernel up to 6.12.87/6.18.26/7.0.3/7.1-rc1 ALSA loopback_check_format streams[] use after free

VulDB Recent Entries
3 days 13 hours ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.87/6.18.26/7.0.3/7.1-rc1. Affected by this issue is the function loopback_check_format of the component ALSA. The manipulation of the argument streams[] results in use after free. This vulnerability is reported as CVE-2026-46090. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2026-46037 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 ipv4 array_index_nospec icmp_pointers[] privilege escalation

VulDB Recent Entries
3 days 13 hours ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. Affected by this vulnerability is the function array_index_nospec of the component ipv4. The manipulation of the argument icmp_pointers[] leads to privilege escalation. This vulnerability is documented as CVE-2026-46037. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-46035 | Linux Kernel up to 6.18.26/7.0.3/7.1-rc1 alloc_frozen_pages_nolock stack-based overflow

VulDB Recent Entries
3 days 13 hours ago
A vulnerability classified as critical was found in Linux Kernel up to 6.18.26/7.0.3/7.1-rc1. Affected is the function alloc_frozen_pages_nolock. Executing a manipulation can lead to stack-based buffer overflow. This vulnerability is registered as CVE-2026-46035. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-46092 | Linux Kernel up to 4.19.266 wifi pci_upstream_bridge denial of service

VulDB Recent Entries
3 days 13 hours ago
A vulnerability classified as critical has been found in Linux Kernel. This impacts the function pci_upstream_bridge of the component wifi. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2026-46092. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-46033 | Linux Kernel up to 7.1-rc1 crypto crypto_authenc_esn_setauthsize out-of-bounds

VulDB Recent Entries
3 days 13 hours ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3/7.1-rc1. This affects the function crypto_authenc_esn_setauthsize of the component crypto. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2026-46033. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

Managed ad