Iran’s Hackers Attack WhatsApp Users—Do Not Click These Links

Iranian hackers linked to the country’s IRGC have been caught hijacking WhatsApp accounts to spy on “individuals abroad who ...
The Hacker News

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five fake Chrome extensions impersonate Workday and NetSuite to steal cookies, block admin controls, and hijack sessions for ...

Reprompt attack hijacked Microsoft Copilot sessions for data theft

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot ...
Infosecurity-magazine.com

Okta Breach Hit Over 130 Customers

A security breach at identity and access management (IAM) specialist Okta impacted over 130 of its customers, a handful of which suffered follow-on session hijacking attacks as a result, the vendor ...
Hosted on MSN

16 Billion Passwords Leaked: Why Blockchain-Based Identity Matters Now

In June 2025, cybersecurity researchers confirmed the largest password leak in internet history. Over 16 billion unique credentials, including passwords, session tokens, cookies, and metadata, were ...
Dark Reading

Heartbleed Attack Targeted Enterprise VPN

Now there's live proof the Heartbleed bug can be exploited, not just to steal private SSL keys stored on a server, but also to retrieve VPN session tokens. Researchers at Mandiant -- now part of ...
CRN

Firefox Extension Firesheep Enables Website Hijacking

A Firefox extension boasts that users can hack into someone else's Facebook, Twitter, or Windows Live account by easily hijacking their session over a Wi-Fi network. The extension, known as Firesheep, ...