LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability

LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell ...

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.