10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google Calendar events.
The post 10K Claude Desktop Users Exposed by Zero-Click Vulnerability appeared first on TechRepublic.
Continue reading 10K Claude Desktop Users Exposed by Zero-Click Vulnerability

Flickr’s 35M Users Affected by Third-Party Data Exposure

Flickr disclosed a data exposure tied to a third-party email provider, highlighting how external service vulnerabilities can put millions of users at risk.
The post Flickr’s 35M Users Affected by Third-Party Data Exposure appeared first on TechRepublic… Continue reading Flickr’s 35M Users Affected by Third-Party Data Exposure

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
The post Chrome Vulnerabilities Allow Code Execution, Browser Crashes appeared first on TechRepublic.
Continue reading Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
The post Chrome Vulnerabilities Allow Code Execution, Browser Crashes appeared first on TechRepublic.
Continue reading Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Chrome Add-On Caught Stealing Amazon Commissions

A Chrome extension posing as an Amazon ad blocker was caught hijacking affiliate links in the background, redirecting commissions without user consent.
The post Chrome Add-On Caught Stealing Amazon Commissions appeared first on TechRepublic.
Continue reading Chrome Add-On Caught Stealing Amazon Commissions

Microsoft Issues Emergency Patch for Active Office Zero-Day

Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security via malicious files.
The post Microsoft Issues Emergency Patch for Active Office Zero-Day appeared first on TechRepublic.
Continue reading Microsoft Issues Emergency Patch for Active Office Zero-Day

New Windows Flaw Lets Attackers Bypass Mark of the Web

Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against malicious downloads and phishing files.
The post New Windows Flaw Lets Attackers Bypass Mark of the Web appeared first on TechR… Continue reading New Windows Flaw Lets Attackers Bypass Mark of the Web

900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats

OX Security reveals how malicious Chrome extensions exposed AI chats from ChatGPT and DeepSeek, silently siphoning sensitive data from 900,000 users.
The post 900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats appeared first… Continue reading 900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats