SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks

A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as “SearchJack” has quietly hijacked the default search settings of roughly 758,000 users, routing queries through operator-controlled monetization middleware before returning results. At first glance the extensions promise useful features…

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

CVE-2026-0257’s GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring pattern of perimeter device failures demands more than a patch cycle. Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure on Latest Hacking…

SecSuite – AI-powered Tool for OSINT, Web and API Security Testing

A new open-source security platform called SecSuite, developed under the TheSecuredAnalyst project, has been released, combining OSINT reconnaissance, web vulnerability scanning, API security assessment, compliance checking, and AI-powered analysis into a single unified toolkit. Available on GitHub at 53cur3dL34rn/security-suite, the tool targets security professionals,…

PromptSnatcher Browser Extensions Abuse AI Platforms to Capture Full Chat Conversations

PromptSnatcher (internal identifier: Panel 231) is a modern, stealthy data collection operation embedded inside two browser extensions that masquerade as ad‑blockers while harvesting full chat conversations and account metadata from major AI platforms. The extensions deliver genuine ad‑blocking and cookie‑banner…