HealthcareInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

108 Google Chrome Extensions Are Stealing User Data, Over 20,000 Users Affected

Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen ...
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...

LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...

LinkedIn scanning users’ browser extensions sparks controversy and two lawsuits

LinkedIn is facing two lawsuits over its practice of scanning users’ browsers to determine which extensions they’re running.
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
PCMag UK on MSN

LinkedIn Faces Spying Allegations Over Browser Extension Scanning

A German group claims LinkedIn is 'illegally searching' users' computers. But the Microsoft-owned site says it collects data ...

New "BrowserGate" report claims LinkedIn secretly scans user browsers

LinkedIn calls it a smear campaign, but does not deny scanning people's browsers for extensions.

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...

GrafanaGhost: The AI That Leaked Everything Without Being Hacked

A newly disclosed vulnerability reveals how AI assistants can become invisible channels for data exfiltration — and why ...