Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the […]
Author Archives: Onsite Computing, Inc.
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks […]
A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE-2025-30406 (CVSS score: 9.0), the vulnerability refers to the use of a hard-coded cryptographic key that could expose internet-accessible servers to remote code execution attacks Go […]
Meta has announced that it will begin to train its artificial intelligence (AI) models using public data shared by adults across its platforms in the European Union, nearly a year after it paused its efforts due to data protection concerns from Irish regulators. “This training will better support millions of people and businesses in Europe, […]
Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. […] Go to Source Author: Lawrence Abrams
The hallucination problem is not just pervasive, it is persistent as well, according to new research. Go to Source Author: Jai Vijayan, Contributing Writer
American business services giant and government contractor Conduent disclosed today that client data was stolen in a January 2025 cyberattack. […] Go to Source Author: Lawrence Abrams
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Swiss cybersecurity firm Prodaft has launched a new initiative called ‘Sell your Source’ where the company purchases verified and aged accounts on hacking forums to to spy on cybercriminals. […] Go to Source Author: Bill Toulas
The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029. […] Go to Source Author: Bill Toulas