Chrome extensions can steal plaintext passwords from websites Chrome extensions can steal plaintext passwords from websites (bleepingcomputer.com)
Downfall: New Intel CPU Attack Exposing Sensitive Information Downfall: New Intel CPU Attack Exposing Sensitive Information – SecurityWeek
Hackers increasingly abuse Cloudflare Tunnels for stealthy connections Hackers increasingly abuse Cloudflare Tunnels for stealthy connections (bleepingcomputer.com)
Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft – SecurityWeek
New Microsoft Azure AD CTS feature can be abused for lateral movement New Microsoft Azure AD CTS feature can be abused for lateral movement (bleepingcomputer.com)
Salesforce Email Service Zero-Day Exploited in Phishing Campaign Salesforce Email Service Zero-Day Exploited in Phishing Campaign – SecurityWeek
Zimbra patches zero-day vulnerability exploited in XSS attacks Zimbra patches zero-day vulnerability exploited in XSS attacks (bleepingcomputer.com)
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws (bleepingcomputer.com)
Norway says Ivanti zero-day was used to hack govt IT systems Norway says Ivanti zero-day was used to hack govt IT systems (bleepingcomputer.com)
Microsoft Cloud Hack Exposed More Than Exchange, Outlook Emails Microsoft Cloud Hack Exposed More Than Exchange, Outlook Emails – SecurityWeek