Blog

Your blog category

Blog

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features. “It provides a single place to block current and future generative AI features in Firefox,” Ajit Varma, head of Firefox, said. “You can also review and manage individual AI…

Read More Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Blog

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the open-source editor, according to new findings from Rapid7. The development comes shortly

Read More Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
Blog

Sophos Protected Browser Early Access and FAQ

Categories: Products & Services Tags: Workspace

Read More Sophos Protected Browser Early Access and FAQ
Blog

Attackers Harvest Dropbox Logins Via Fake PDF Lures

A malware-free phishing campaign targets corporate inboxes and asks employees to view “request orders,” ultimately leading to Dropbox credential theft.

Read More Attackers Harvest Dropbox Logins Via Fake PDF Lures
Blog

County Pays $600K to Wrongfully Jailed Pen Testers

Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.

Read More County Pays $600K to Wrongfully Jailed Pen Testers
Blog

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor’s hosting provider to redirect targeted users to malicious downloads.

Read More Chinese Hackers Hijack Notepad++ Updates for 6 Months
Blog

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project,…

Read More Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
Blog

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue, which is tracked as CVE-2026-25253 (CVSS score: 8.8), has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a…

Read More OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
Blog

ShinyHunters Expands Scope of SaaS Extortion Attacks

Following its attacks on Salesforce instances last year, members of the cybercrime group have broadened their targeting and gotten more aggressive with extortion tactics.

Read More ShinyHunters Expands Scope of SaaS Extortion Attacks
Blog

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay…

Read More Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos