How scrolling Reddit led me to find a new (for me) type of malvertising that leverages LLM shared chats to distribute crypto/infostealers targeting macOS.
A while ago, our SOC team intercepted a suspicious Zscaler alert indicating one of our users’ browsers was leaking internal Okta URLs to external domains. A deeper dive revealed a cluster of malicious Chrome extensions—collectively installed by millions of users and designed to exfiltrate browsing history (including sensitive URL parameters) and, if desired, redirect victims to attacker-controlled sites.