Threat actors can secretly hijack devices using a new attack known as Browser Syncjacking, involving a malicious Chrome extension. They establish a malicious Google Workspace domain and publish a seemingly legitimate browser extension on the Chrome Web Store. Once consumers download the extension, attackers can gain access to all their device’s data and manipulate them into installing a fake software update, enabling total browser control. Notably, this attack requires minimal permissions and user interaction.
Akamai warns of active attacks from new Mirai variant
Online backbone provider, Akamai, has sounded an alert regarding a new botnet (Aquabotv3) based on the malware, Mirai. Discovered by Akamai researchers Larry Cashdollar and
