A browser hijacking campaign has infected 2.3 million users of Chrome and Edge through malicious extensions that started as legitimate tools. These extensions, which include features like color pickers and emoji keyboards, were later updated to include malware that tracks user activity and redirects browser sessions. Microsoft has removed the extensions from its store, but Google has not yet responded to the incident.

FreeVPN.One, initially a trusted VPN, has been caught secretly capturing users' screens and sensitive information without consent through a series of updates that expanded its permissions and functionality. Despite claiming to protect user privacy, the extension employs deceptive practices to surveil users, raising serious concerns about security in browser marketplaces. The article highlights the risks associated with malicious extensions and the need for better oversight in software security.

A new attack known as "pixnapping" has emerged, targeting Android devices by using pixel-stealing techniques to access sensitive information. This method allows attackers to manipulate the display output, potentially compromising user data without their knowledge. Users are advised to remain vigilant and update their security measures to protect against this threat.

A new malware, identified as CL-STA-0969, has been discovered that covertly installs itself on targeted systems, posing a significant threat to users' security and privacy. Researchers warn that this malware is capable of evading detection by traditional antivirus software, making it particularly dangerous. Users are advised to enhance their security measures to protect against this emerging threat.