Tech News
General news about the tech industry, trends, and major events.
Credential-stealing Chrome extensions target enterprise HR platforms
Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP platforms were discovered stealing authentication credentials or blocking management pages used to respond to security incidents. The campaign was discovered by cybersecurity firm Socket, which says it identified five Chrome extensions targeting Workday, NetSuite, and SAP […]
ChatGPT Go subscription rolls out worldwide at $8, but it’ll show you ads
OpenAI’s $8 ChatGPT Go subscription, which gives you 10x more messages, is now available in the United States and other regions. With ChatGPT Go, you can get 10x more messages, file uploads, and image creation than the free tier. However, ChatGPT doesn’t give you access to the advanced ‘thinking’ or ‘reasoning models,’ so you can […]
Malicious GhostPoster browser extensions found with 840,000 installs
Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge stores, where they accumulated a total of 840,000 installations. The GhostPoster campaign was first reported by Koi Security researchers in December. They found 17 extensions that were hiding malicious JavaScript code in their logo images, which monitored browser activity and planted […]
OpenAI says its new ChatGPT ads won’t influence answers
OpenAI has confirmed that ChatGPT will start showing ads in the coming weeks, but it promises that ads won’t influence the answers it generates. OpenAI says ChatGPT ads will appear within the answers, likely at the bottom of the answers, and only those who use the free account or ChatGPT Go account will see ads. Microsoft-backed […]
StealC hackers hacked as researchers hijack malware control panels
A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware allowed researchers to observe active sessions and gather intelligence on the attackers’ hardware. StealC emerged in early 2023 with aggressive promotion on dark web cybercrime channels. It grew in popularity due to its evasion and extensive data theft capabilities. […]
Black Basta boss makes it onto Interpol’s ‘Red Notice’ list
The identity of the Black Basta ransomware gang leader has been confirmed by law enforcement in Ukraine and Germany, and the individual has been added to the wanted list of Europol and Interpol. Germany’s Federal Criminal Police Office (BKA) identified Oleg Evgenievich Nefedov, a 35-year-old Russian national, as the leader of the Black Basta ransomware gang. The Ukrainian […]
China-linked hackers exploited Sitecore zero-day for initial access
An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining access by exploiting both known and zero-day vulnerabilities. The hacker group has been active since at least 2025, and its purpose appears to be mainly to obtain initial access to […]
Verizon starts issuing $20 credits after nationwide outage
Verizon has begun sending text messages with instructions on how to redeem a $20 account credit for last week’s nationwide wireless outage. The message states that the $20 credit is intended to cover multiple days of service and apologizes for the outage. “Valued Verizon Customer – We let you down this week. For that we […]
Microsoft: Windows 11 update causes Outlook freezes for POP users
Microsoft is investigating widespread reports that a January Windows 11 security update is causing the classic Outlook desktop client to freeze and hang for users with POP email accounts. POP (Post Office Protocol) is an email retrieval protocol used for downloading emails from a server to a local device. While POP isn’t as widely used […]
Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks
A critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code is now being abused in attacks. According to security researcher Zach Hanley at penetration testing company Horizon3.ai, who reported the vulnerability (CVE-2025-64155), it is a combination of two issues that allow arbitrary writes with admin permissions and privilege escalation to root access. “An improper […]