Leaky Chrome extensions with 37M installs caught divulging your browsing history

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft

A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals ...

Fake CAPTCHA pages are tricking users into installing malware

The hackers use fake CAPTCHA pages—which are designed to mimic standard security checks—to trick users into installing malicious software (“Stealthy StealC Information Stealer”) via keyboard commands.