Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...
Researchers say attackers are extending AI-themed social engineering from phishing campaigns to browser extensions.
Microsoft warns that MCP tool descriptions can be manipulated to redirect AI agents, exposing sensitive data through trusted ...
Microsoft found a fake Perplexity AI Chrome extension that rerouted searches through attacker servers. Here’s what users ...
A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information.
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC , travels in Python proof-of-concept (PoC) ...