software
Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions
OpenAI’s Atlas and Perplexity’s Comet browsers are vulnerable to attacks that spoof the built-in AI sidebar and can lead users into following malicious instructions. The AI Sidebar Spoofing attack was devised by researchers at browser security company SquareX and works on the latest versions of the two browsers. The researchers created three realistic attack scenarios where a […]
CommetJacking attack tricks Comet browser into stealing emails
A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. In a realistic scenario, no credentials or user interaction are required and a threat actor can leverage the attack by simply exposing a maliciously crafted URL to […]
Brave browser surpasses the 100 million active monthly users mark
Brave browser reached 101 million monthly active users and 42 million daily active users this September, marking a new record in the project’s history. At the same time, Brave Search, the project’s privacy-focused search engine that launched in 2021 and relies on its own web index, has grown to 1.6 billion monthly search queries and […]
EU probes SAP over anti-competitive ERP support practices
The European Comission is investigating potential anti-competitive practices in aftermarket services SAP provides for its on-premise ERP software. The decision to launch the investigation into the German software giant came after several years of claims from stakeholders in the industry that the company abuses its dominant position in the market when it comes to maintenance and support […]
Mozilla warns Germany could soon declare ad blockers illegal
A recent ruling from Germany’s Federal Supreme Court (BGH) has revived a legal battle over whether browser-based ad blockers infringe copyright, raising fears about a potential ban of the tools in the country. The case stems from online media company Axel Springer’s lawsuit against Eyeo – the maker of the popular Adblock Plus browser extension. Axel Springer […]
Proton launches free standalone cross-platform Authenticator app
Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS. 2FA authenticator apps are offline tools that generate time-based one-time passwords (TOTPs) that expire every 30 seconds, and which can be used alongside passwords when logging into online accounts, providing the second factor authentication. Proton is a […]
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. TeleMessage SGNL is a Signal clone app now owned by Smarsh, a compliance-focused company that provides cloud-based or on-premisses communication solutions to various organizations. Scanning for vulnerable endpoints Threat monitoring firm GreyNoise has observed […]
Hackers abuse leaked Shellter red team tool to deploy infostealers
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. The abuse has kept going for several months and even though security researchers caught the activity in the wild, Shellter did not receive a notification. […]
New Tor Oniux tool anonymizes any Linux app’s network traffic
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections. Unlike classic methods like torsocks, which rely on user-space tricks, Oniux uses Linux namespaces to create a fully isolated network environment for each application, preventing data leaks even if the app is malicious […]
Brave’s Cookiecrumbler tool taps community to help block cookie notices
Brave has open-sourceed a new tool called “Cookiecrumbler,” which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won’t break site functionality. The Brave browser has been blocking cookie consent banners by default on all websites since 2022 but found that blocking consent banners may cause website problems that […]