Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
CSO Online

6 ways attackers abuse AI services to hack your business

As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...
SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.
TWCN Tech News

How to schedule Automatic Shutdown using Command Prompt in Windows 11

In this post, we will show you how to shut down Windows 11/10 PC at scheduled time using Command Prompt. You can enter a time of your choice and execute the command using CMD or Command Prompt window.
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...
Business Insider

airSlate SignNow Launches MCP Server: From Prompt to Signed — In No Time

BOSTON, March 18, 2026 (GLOBE NEWSWIRE) -- airSlate SignNow, an award-winning provider of e-signature solutions, today announced the launch of the SignNow MCP Server — a Model Context Protocol (MCP) ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Digit

Using an old iPhone? This DarkSword hack can quietly steal your data in seconds, how to be safe

If you’re using an old iPhone with an older version of iOS, you should be aware. According to Google, Lookout, and iVerify, a newly identified cyberattack campaign called DarkSword is targeting Apple ...