Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and ...

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; ...

Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store ...

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot session and issue commands to exfiltrate sensitive data.

In June 2025, cybersecurity researchers confirmed the largest password leak in internet history. Over 16 billion unique credentials, including passwords, session tokens, cookies, and metadata, were ...

Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) ...

A security breach at identity and access management (IAM) specialist Okta impacted over 130 of its customers, a handful of which suffered follow-on session hijacking attacks as a result, the vendor ...

Now there's live proof the Heartbleed bug can be exploited, not just to steal private SSL keys stored on a server, but also to retrieve VPN session tokens. Researchers at Mandiant -- now part of ...

Scared by the recent arrival of Firesheep, a controversial plug-in for Firefox that allows attackers to hijack your web sessions? The cookie-stealing tool, downloaded at least 600,000 times to date, ...

Iranian hackers linked to the country’s IRGC have been caught hijacking WhatsApp accounts to spy on “individuals abroad who ...