The Hacker News

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Zoom Stealer browser extensions harvest corporate meeting intelligence

A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft ...