A total of 16 Google Chrome extensions were identified as compromised. These extensions were injected with obfuscated scripts designed to steal data, modify HTTP requests, and inject unauthorized advertisements.

Once the AsyncRAT payload is loaded, it establishes control over the victim’s system, allowing the attacker to remotely control the machine, steal data, install additional malware, or launch further attacks.

Mozilla has responded swiftly to these vulnerabilities, releasing a series of security fixes in updated versions, including Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 135, and Thunderbird ESR 128.7.

Sector 16 claimed sole responsibility for hacking into the control systems of a U.S. oil and gas production facility, and released a video “purportedly demonstrating their access to the facility’s operational data and systems,” Cyble said.

Following the DeepSeek’s rapid popularity, a concerning trend has emerged. Cybercriminals have begun to exploit its growing recognition to launch scams and malware campaigns.

The attackers heavily rely on PowerShell and BAT scripts to download additional payloads and create an administrative user account on compromised systems, lowering authentication barriers for unauthorized remote access.

The malware campaign is based on ClickFix fake browser update malware and has infected over 6,000 sites since June 2024, totaling over 25,000 sites since August 2023. The hackers are using stolen credentials to install the bogus plugins.

The malware primarily targets professionals in digital marketing, e-commerce, and performance marketing sectors, especially those involved in Meta advertising in the US, by crafting deceptive documents tailored to this demographic.

The U.S. has indicted members of Russia's GRU Unit 29155 for cyberattacks on Ukraine under Operation Toy Soldier. The indictment charges six individuals, five of whom are military officers, with conspiring to hack into Ukrainian government systems.

Chinese researchers have claimed to successfully break RSA encryption using D-Wave's quantum computing technology, sparking concerns about the security of traditional cryptographic methods.