The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

‘Hack Yourself’ Apple Attack Steals Mac Passwords

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.
Everyday Health

Should You Switch to the Wegovy Pill?

The arrival of the Wegovy pill (semaglutide), the first oral GLP-1 drug approved to treat obesity, means freedom of choice: Adults who are looking to lose weight and have at least one weight-related ...

Experts warn Claude Chrome extension could let hackers hijack your online browsing

Prompt injection attacks can now be carried out in browser extensions, experts warn.