Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Popular password managers, including LastPass, 1Password, and Bitwarden, are vulnerable to clickjacking.

A security expert has discovered that six of the most popular password managers, used by tens of millions of people, are vulnerable to clickjacking, a technique that allows attackers to steal login credentials, two-factor authentication codes, and credit card information. The issue was first reported by independent researcher Marek Tóth, who presented a vulnerability report at the recent DEF CON 33 hacker conference. His findings were later confirmed by Socket experts, who helped inform affected vendors and coordinate public disclosure of the vulnerabilities. He tested his attack on specific variants of 1Password, Bitwarden, Enpass, iCloud Passwords, LastPass and LogMeOnce and found that

Vibe Coding: Revolution or Security Risk?

By Martyn Ditchburn, CTO in residence, Zscaler. Artificial intelligence, like any technology, is not inherently good or bad: it all depends on who uses it and for what purpose. What is certain, however, is that AI is evolving faster than its more conservative counterpart, regulation, as legislators struggle to keep pace. Complicating the situation, AI is also innovating internally, generating an unprecedented acceleration in technological development. This scenario is paving the way for a new set of security challenges, the latest of which is vibe coding. As with any AI innovation cycle, it’s crucial to understand what it is and what its security implications are.

Critical vulnerabilities in NetScaler ADC and Gateway. Update now! Attacks are ongoing!

NetScaler has alerted administrators to three new vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is already being used in active attacks. Updates are available and the vendor urges you to install them immediately: exploits for CVE-2025-7775 have been discovered on unprotected devices. The bugs include a memory overflow with the potential for code execution and denial of service, a second similar bug causing service crashes and unpredictable behavior, and an access control issue in the management interface. The bugs affect both standard releases and FIPS/NDcPP-compliant builds. Updates have already been deployed for vendor-managed cloud services, but client installations require

The Democratization of Cybercrime Has Arrived! “I Can’t Code, But I Write Ransomware”

Cybercriminals are rapidly mastering generative AI, and we’re no longer talking about “scary” ransom notes, but about full-fledged malware development. The Anthropic research team reported that attackers are increasingly relying on large language models throughout the entire lifecycle of creating and selling data encryption tools. In parallel, ESET described an attack concept in which local models, on the attacker’s side, take over key extortion steps. The overall findings show how artificial intelligence removes technical barriers and accelerates the evolution of ransomware schemes. According to Anthropic, extortionists use Claude not only to prepare texts and negotiation scenarios, but also to generate code, test

ChatGPT “Taught My Son How to Die”! Adam Reid’s Parents Sue OpenAI

A lawsuit has been filed against OpenAI in California, alleging that ChatGPT drove a 16-year-old to commit suicide. The parents of Adam Reid, who died on April 11, 2025, said that their son had been communicating with the chatbot for months and that those conversations had exacerbated his distress. They said that ChatGPT not only fueled the boy’s dark thoughts but also provided him with advice on suicide methods instead of referring him to professionals or loved ones. In a series of messages, the teenager discussed the deaths of loved ones and how he felt no emotion. In the fall, he asked

By 2026, no more “ghost” apps: Android will only accept verified developers.

Google representatives announced that starting in 2026, only apps from verified developers will be able to be installed on certified Android devices. This measure aims to combat malware and financial fraud and will affect apps installed from third-party sources. The requirement will apply to all “certified Android devices,” meaning devices that run Play Protect and have Google apps preinstalled. In 2023, the Google Play Store introduced similar requirements and, according to the company, this has led to a sharp decrease in malware and fraud. The requirements will now be mandatory for any app, including those distributed through third-party app stores and through

Devastating Cyber Attack Paralyzes Nevada Government Network

Nevada’s government network was paralyzed after an incident in the early morning hours of August 24. The attack rendered the state’s IT infrastructure inoperable and forced most offices to close to the public. Only essential services and employees involved in critical processes remain operational. The governor’s office reported that specialists have been working around the clock to restore service since the incident was detected. Temporary paths and workarounds were used to maintain access to several resources. At the same time, authorities emphasize that the primary goal is not the speed of restoring services, but their security. Before restarting, all systems are tested

Auchan data leak: hundreds of thousands of customers affected by a hacker attack

French retailer Auchan has informed hundreds of thousands of customers that their personal data has been stolen following a hacker attack. In notifications sent to users last week, the company stated that the breach affected names, email addresses, phone numbers, and loyalty card numbers, but emphasized that no banking information, passwords, or PINs were compromised. “We inform you that Auchan has been the victim of a cyber attack. This attack resulted in unauthorized access to some personal data associated with your loyalty program account,” the notice reads. Auchan states that it has taken all necessary measures to contain the attack and improve

Critical vulnerability in Docker Desktop: host system compromise

A critical vulnerability in the desktop version of Docker for Windows and macOS allowed a host system to be compromised by running a malicious container, even with Enhanced Container Isolation (ECI) protection enabled. The vulnerability has been assigned the identifier CVE-2025-9074 (9.3 points on the CVSS scale) and is a server-side request forgery (SSRF) bug. The issue has been fixed in version 4.44.3. “A malicious container running in Docker Desktop could access the Docker Engine and launch additional containers without mounting a Docker socket,” Docker developers explain in a security bulletin. “This could lead to unauthorized access to user files on the

PromptLock Arrives. The First Artificial Intelligence-Powered Ransomware for Windows and Linux

Finally (metaphorically speaking), we’re here. ESET experts have reported the first ransomware program in which artificial intelligence plays a key role. The new sample has been named PromptLock. It is written in Go and uses OpenAI’s gpt-oss:20b local model via the Ollama interface to generate malicious Lua scripts in real time. The scripts run directly on the device and allow the program to list files on the disk, analyze their contents, download selected data, and encrypt them. The code runs equally on Windows, Linux, and macOS, making the threat cross-platform. According to the author’s idea, the malware can not only copy or