Security Boulevard

Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Infosecurity Magazine

OysterLoader Evolves With New C2 Infrastructure and Obfuscation

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
MIT Technology Review

Welcome to the dark side of crypto’s permissionless dream

Jean-Paul Thorbjornsen is a leader of THORChain, a blockchain that is not supposed to have any leaders—and is reeling from a series of expensive controversies.
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.