Back to articles

Tag archive

#other

U
Jul 16, 2026

Unpatched Claude for Chrome Flaws Expose Gmail, Google Docs Data

Two unpatched vulnerabilities in Anthropic's 'Claude for Chrome' extension could allow a second, malicious extension to access and exfiltrate a user's Google Workspace data, including Gmail, Docs, and Calendar. The flaws, which exploit the extension's trust model by allowing a script to trigger actions without genuine user consent, were reported in May but persist in the latest version. The risk is highest for users who have enabled the 'Act without asking' feature, which could allow for silent data theft.

Jul 16, 20264 min read0 reactions0 comments
I
Jul 16, 2026

INC_RANSOM Ransomware Targets Miami Law Firm

The INC_RANSOM ransomware group has listed Golden Glasko Haddy and Associates, a Miami-based law firm, as a victim on its dark web leak site. The posting, which appeared on July 14, 2026, is part of a double-extortion campaign where the attackers claim to have stolen internal files and threaten to release them to pressure the firm into paying a ransom. The firm, which specializes in estate and probate law, has not yet commented on the attack or the potential exposure of sensitive client data.

Jul 16, 20264 min read0 reactions0 comments
'
Jul 16, 2026

'CrashStealer' macOS Malware Steals Keychain and Crypto Wallet Data

A new information-stealing malware for macOS, dubbed 'CrashStealer,' is actively being used in targeted attacks. The malware evades Apple's Gatekeeper by using a notarized installer and impersonates the legitimate 'CrashReporter.app' to trick users into entering their system password. Once obtained, CrashStealer unlocks the macOS Keychain to steal saved passwords, browser credentials, and data from dozens of cryptocurrency wallet applications. The campaign appears highly targeted, with distribution from a PIN-protected website.

Jul 16, 20264 min read0 reactions0 comments
N
Jul 17, 2026

New Security Products Address Emerging Threats

This week saw the launch of several new security products aimed at addressing emerging enterprise threats. Polygraf AI introduced 'Meeting Guard' for real-time deepfake detection in video meetings. Nudge Security released capabilities to automate the discovery and remediation of risky OAuth grants and browser extensions. Lineation.ai launched a Zero Trust platform to secure autonomous AI agents at runtime. Finally, Cloudflare made its 'Precursor' bot management engine generally available, which uses in-browser behavioral analysis to stop advanced bots.

Jul 17, 20263 min read0 reactions0 comments
N
Jul 16, 2026

Nightspire Ransomware Targets Cedar Crest College

The Nightspire ransomware group has added Cedar Crest College, a private liberal arts college in Pennsylvania, to its dark web data leak site. The listing appeared on July 14, 2026, with the attack estimated to have occurred a day prior. The group has not yet released any details about the type or volume of data allegedly stolen in the attack. The incident highlights the persistent threat of ransomware targeting the education sector.

Jul 16, 20264 min read0 reactions0 comments