Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.
| 17 Feb 2026 | |
| Written by Gabi Gerber | |
| Attacks & Threats |
30 copycat apps tricked users, and Google itself, into thinking they're legitimate AI tools.
The Chrome Web Store has been infested with dozens of malicious browser extensions claiming to provide AI assistant functionality but that secretly are siphoning off personal information from victims.
Researchers at LayerX identified 30 Google Chrome extensions that are carbon copies of one another, but for some superficial differences in how they're branded. Many of them are quite popular, with tens of thousands of downloads apiece. They all masquerade as AI assistants — and they do a pretty good job of pretending — but secretly steal email content, browser content, and anything else the user willingly feeds them. More here
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs. More...
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestra… More...
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and t… More...
The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environment… More...
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandle… More...
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs. More...
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestra… More...
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and t… More...
The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environment… More...
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandle… More...
