
Google Appears to Be Preparing Gemini Integration for Chrome on Android

 

Google appears to be testing a new feature that could significantly change how users browse the web on mobile devices. The company is reportedly experimenting with integrating its AI model, Gemini, directly into Chrome for Android, enabling advanced agentic browsing capabilities within the mobile browser.

The development was first highlighted by Leo on X, who shared that Google has begun testing Gemini integration alongside agentic features in Chrome’s Android version. These findings are based on newly discovered references within Chromium, the open-source codebase that forms the foundation of the Chrome browser.

Additional insight comes from a Chromium post, where a Google engineer explained the recent increase in Chrome’s binary size. According to the engineer, "Binary size is increased because this change brings in a lot of code to support Chrome Glic, which will be enabled in Chrome Android in the near future," suggesting that the infrastructure needed for Gemini support is already being added. For those unfamiliar, “Glic” is the internal codename used by Google for Gemini within Chrome.

While the references do not reveal exactly how Gemini will function inside Chrome for Android, they strongly indicate that Google is actively preparing the feature. The integration could mirror the experience offered by Microsoft Copilot in Edge for Android. In such a setup, users might see a floating Gemini button that allows them to summarize webpages, ask follow-up questions, or request contextual insights without leaving the browser.

On desktop platforms, Gemini in Chrome already offers similar functionality by using the content of open tabs to provide contextual assistance. This includes summarizing articles, comparing information across multiple pages, and helping users quickly understand complex topics. However, Gemini’s desktop integration is still not widely available. Users who do have access can launch it using Alt + G on Windows or Ctrl + G on macOS.

The potential arrival of Gemini in Chrome for Android could make AI-powered browsing more accessible to a wider audience, especially as mobile devices remain the primary way many users access the internet. Agentic capabilities could help automate common tasks such as researching topics, extracting key points from long articles, or navigating complex websites more efficiently.

At present, Google has not confirmed when Gemini will officially roll out to Chrome for Android. However, the appearance of multiple references in Chromium suggests that development is progressing steadily. With Google continuing to expand Gemini across its ecosystem, an official announcement regarding its availability on Android is expected in the near future.

Russia-Linked Lynx Gang Claims Ransomware Attack on CSA Tax & Advisory

 

A breach surfaces in Haverhill - CSA Tax & Advisory, a name among local finance offices, stands at the center. Information about clients, personal and business alike, may have slipped out. A digital crew tied to Russia, calling themselves Lynx, points to the act. Their message appears online, bold, listing the firm like an entry in a ledger. Data, they say, was pulled quietly before anyone noticed. Silence hangs from the office itself - no word given, no statement released. What actually happened stays unclear, floating between accusation and proof.  

Although officials have confirmed nothing, Lynx published what it calls test data from the breach. Reviewing these files, researchers at Cybernews found personal details including full names, Social Security numbers, home addresses, billing documents, private company messages, healthcare contracts for partners, and detailed income tax filings. IRS e-signature authorization forms stand out, because they are used to confirm tax returns; their presence in the collection is a concern given how central they are to the filing process.

If the claims prove true, a single lapse here could change lives for the worse. With Social Security numbers sitting alongside home addresses and past tax filings, the danger lingers far beyond the initial discovery. Fraudsters may open fake lines of credit, pull off loan scams, file false returns, or get past identity checks at banks and public offices. Since those ID numbers last forever, harm could follow people for decades.

Paperwork tied to taxes brings extra danger. Someone might take an IRS e-filing form and change real submissions, send fake ones, or grab refunds before the rightful person notices. Fixing these problems usually means long fights with government offices, draining both money and peace of mind. If details about a spouse’s health plan leak, scammers could misuse that for false claims or pressure someone by threatening to reveal private medical facts. 

What happened might hit companies harder than expected. Leaked messages from inside the firm could expose how decisions get made, who trusts whom, and the steps used to approve key tasks, details that open doors for scams later on. When private information such as Social Security numbers or tax records shows up outside secure systems, U.S. rules usually require prompt public notification. Government scrutiny tends to follow, including audits from tax authorities, pressure from local agencies, and even attention at the national level. Legal fights may come too, alongside claims of failed duties, especially if evidence confirms that something truly went wrong here. Trust, once broken, rarely bounces back quickly.

AI Agent Integration Can Become a Problem in Workplace Operations


AI agents were considered harmless some time ago. They did what they were supposed to do: write snippets of code, answer questions, and help users get things done faster.

Then businesses started expecting more.

Gradually, companies moved from personal copilots to organizational agents: agents integrated into customer support, HR, IT, engineering, and operations. These agents no longer just suggest; they act, touching real systems, changing configurations, and moving real data:

  • A support agent that gets customer data from the CRM, triggers backend fixes, updates tickets, and checks bills.
  • An HR agent that oversees access across VPNs, IAM, and SaaS apps.
  • A change management agent that processes requests, logs actions in ServiceNow, and updates production configurations and Confluence.

These AI agents automate oversight and control, and have become a core part of companies' operational infrastructure.

Work of AI agents

Organizational agents are made to work across many resources, supporting various roles, multiple users, and workflows via a single implementation. Instead of being linked to an individual user, these business agents work as shared resources that handle requests and automate work across systems for many users.

To work effectively, the AI agents depend on shared accounts, OAuth grants, and API keys to authenticate to the systems they interact with. The credentials are long-lived and managed centrally, enabling the agent to work continuously.

Threat of AI agents in workplace 

While this approach maximizes convenience and coverage, these design choices can unintentionally create powerful access intermediaries that bypass traditional permission boundaries. The resulting actions may seem legitimate and harmless even when the agent inadvertently grants access beyond the specific user's authority.

Reliable detection and attribution are eliminated when the execution is attributed to the agent identity, losing the user context. Conventional security controls are not well suited for agent-mediated workflows because they are based on direct system access and human users. Permissions are enforced by IAM systems according to the user's identity, but when an AI agent performs an activity, authorization is assessed based on the agent's identity rather than the requester's.

The impact 

Therefore, user-level limitations are no longer in effect. Logging and audit trails exacerbate the issue by attributing behavior to the agent's identity and concealing who started the action and why. When agents are in use, security teams are unable to enforce least privilege, identify misuse, or accurately assign intent, which makes it possible for permission bypasses to happen without setting off conventional safeguards. Additionally, the absence of attribution slows incident response, complicates investigations, and makes it challenging to ascertain the scope or aim of a security incident.
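The gap described above can be shown in a few lines. The following is an added example, not code from any product named in the article; the identities, permission strings and function names are hypothetical. It contrasts a check that evaluates only the agent's identity with one that requires both the agent and the requesting user to hold the permission, and that records the requester in the audit entry.

```python
from dataclasses import dataclass, field

# Constructed sample data: what each identity is entitled to on its own.
USER_PERMS = {
    "alice": {"crm:read"},
    "bob": {"crm:read", "billing:refund"},
}
AGENT_PERMS = {"support-agent": {"crm:read", "billing:refund", "config:write"}}


@dataclass
class AuditLog:
    entries: list = field(default_factory=list)

    def record(self, **fields):
        self.entries.append(fields)


def agent_only_authorize(agent, requester, action, log):
    """Pattern the article warns about: only the agent identity is evaluated."""
    allowed = action in AGENT_PERMS.get(agent, set())
    # The requester reaches neither the decision nor the audit entry.
    log.record(actor=agent, action=action, allowed=allowed)
    return allowed


def delegated_authorize(agent, requester, action, reason, log):
    """Allow only what BOTH the agent and the requesting user may do."""
    agent_ok = action in AGENT_PERMS.get(agent, set())
    user_ok = action in USER_PERMS.get(requester, set())
    allowed = agent_ok and user_ok
    denied_by = None
    if not allowed:
        denied_by = "agent" if not agent_ok else "user"
    # Requester and stated reason are kept so the action can be attributed.
    log.record(actor=agent, on_behalf_of=requester, action=action,
               reason=reason, allowed=allowed, denied_by=denied_by)
    return allowed


def find_unattributed(log):
    """Detection helper: entries that cannot be tied to a human requester."""
    return [e for e in log.entries if not e.get("on_behalf_of")]


if __name__ == "__main__":
    weak, strong = AuditLog(), AuditLog()
    # alice may only read the CRM, yet asks the shared agent for a refund.
    print(agent_only_authorize("support-agent", "alice", "billing:refund", weak))
    print(delegated_authorize("support-agent", "alice", "billing:refund",
                              "constructed ticket", strong))
    print(len(find_unattributed(weak)), len(find_unattributed(strong)))
```

In a real deployment the requester's identity would come from a verified token passed through the agent rather than from a plain string argument.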

Korean Air Employee Data Exposed in Cl0p Ransomware Supply-Chain Attack

 

Korean Air has acknowledged the theft of sensitive data belonging to 30,000 current and former employees in a serious data breach. The breach occurred via a supply-chain compromise at KC&D Service, the airline's former catering subsidiary. Hackers exploited a critical flaw in Oracle E-Business Suite, tracked as CVE-2025-61882, that enabled remote code execution without requiring any user interaction or authentication. Cl0p ransomware operators claimed responsibility for the attack, and after ransom demands were apparently ignored, they dumped almost 500 GB of stolen archives on their dark web site.

The intrusion occurred at KC&D, which, though it was sold to Hahn & Company in 2020, was still handling in-flight meals and duty-free services. Korean Air continues to own a 20% stake and has continued sharing employee data through KC&D's ERP server. The attackers targeted Oracle EBS versions 12.2.3 through 12.2.14 to bypass authentication and reach sensitive systems. The vulnerability was publicly disclosed in early October 2025, after initial exploitation that started in August. Although Oracle promptly released patches, the combination of late detection and widespread exposure caused data exfiltration to spread across many victims. 

The stolen information includes full names and bank account numbers, which increases the risk of identity theft, financial fraud and phishing attacks for those whose information was compromised. Importantly, no customer data, including flight records or payment information, was compromised, preventing wider impact on operations. Korean Air on Dec. 29, 2025, advised the employees to be cautious of scams and took emergency security measures, disconnecting the KC&D servers and filing a report with the Korea Internet and Security Agency (KISA).

This attack is reminiscent of the 2023 MOVEit Transfer breach conducted by Cl0p, a similar file-transfer exploit that resulted in the compromise of millions of records from hundreds of companies. Dozens of EBS victims have surfaced, including Envoy Air, Harvard University, Schneider Electric, Emerson, Cox Enterprises, Logitech, and Barts Health NHS Trust, underscoring the campaign's global scale. Cl0p, a Russia-nexus extortion group linked to FIN11, prioritizes data theft over encryption for high-value targets. 

The incident emphasizes enduring supply-chain risk in aviation and enterprise software, underscoring the importance of timely patching, third-party risk assessments, and zero-trust architectures. Korean Air Vice Chairman Woo Kee-hong confirmed full dedication to breach scoping and support for its employees in the midst of South Korea's wave of cyberattacks, which also targeted Coupang and SK Telecom in recent days. Organizations around the globe need to review their Oracle EBS exposures and keep an eye on Cl0p leak sites in order to reduce risk.

ChatGPT Prepares Cross-Platform Expansion With Project Agora


It appears that OpenAI is quietly setting the foundation for its next significant product evolution, as early technical signals indicate the development of a new cross-platform initiative that is internally codenamed "Agora" and promises to be the next major step forward for its translation capabilities. 

Tibor Blaho, a prominent AI researcher, discovered previously undisclosed placeholders buried within the latest versions of OpenAI’s website code, as well as its Android and iOS applications. The placeholders indicate that active development is taking place across desktop and mobile platforms.

'Agora' is the Greek word for a public gathering space or marketplace, which means community, and its use within the software industry has sparked informed speculation, with leaks revealing references like 'is_agora_ios' and 'is_agora_android' as hints of a tightly controlled, cross-platform experience. 

As a result of the parallels between the project and established real-time media technologies bearing the same name, analysts believe the project could signal anything from the development of a unified, cross-platform application, a collaborative social environment, to the development of a more advanced, real-time voice or video communication framework. 

The timing is noteworthy: reports have recently surfaced about OpenAI's interest in developing an AI-powered headset, which raises the possibility that Agora could serve as a foundational layer for a broader hardware and software ecosystem.

Although the company has not yet officially acknowledged the project, OpenAI has already demonstrated its execution momentum by shipping tangible improvements to its voice input capabilities for logged-in users.

In doing so, it has shown a clear strategy toward providing seamless, interactive, and real-time AI experiences for logged-in users. The breadth of the references suggests that the initiative is designed to operate seamlessly across multiple environments, possibly pointing to a unified application or a device-level feature that works across platforms.

The name “Agora” is commonly associated with public gathering spaces and marketplaces, which has fueled speculation that OpenAI is exploring ways to work with communities and enhance how their members interact with each other.

A number of experts have suggested that the name may be a reference to real-time communication technology, given that it has been associated with a variety of audio and video development frameworks.

It is interesting to note that these findings have been released alongside reports that OpenAI is considering new AI-powered hardware products, such as wireless audio devices positioned as potential alternatives to Apple's AirPods, and that Agora could be an integral part of this tightly integrated hardware-software ecosystem in the future.

In addition to these early indicators, ChatGPT has already seen tangible improvements as a result of the latest update. OpenAI has significantly improved dictation by reducing empty transcriptions and improving overall accuracy, reinforcing the company's commitment to voice-driven, real-time interaction.

An important part of this initiative is to address longstanding inefficiencies in cross-border payments. Because they rely on fragmented correspondent banking networks, cross-border payments remain slow, expensive, and difficult to track. They are characterized by a lack of liquidity and difficulty managing cash flows.

In addition, the Agorá Project is exploring alternatives to existing wholesale payment frameworks based on tokenization and utilizing advanced digital mechanisms such as smart contracts to achieve faster settlements, greater transparency, and better accessibility than their current counterparts. 

Developing tokenized representations of commercial bank deposits and central bank reserves is an example of the project's focus on understanding how to execute transactions in a secure and verifiable manner, while preserving the crucial role that central bank money plays in terms of being the final settlement asset. 

There are several benefits to this approach, such as eliminating counterparty credit risk, ensuring transaction finality, and strengthening financial stability, in addition to providing new payment capabilities such as atomic, always-on, or conditional payments, among others. 

The initiative is not only evaluating the technical aspects of tokenised money but will also assess its regulatory and legal consequences, including whether tokenised money complies with settlement finality rules, anti-money laundering obligations, and counter-terrorism financing regulations across different jurisdictions.

Although Project Agorá is being positioned as an experimental prototype rather than a market-ready product, the results of its research could help shape the development of a more efficient, reliable, and transparent global payments infrastructure, and provide a blueprint for the future evolution of cross-border financial systems in the long run. 

Taking this into account, Agora's emergence reveals a broader strategic direction in which OpenAI has begun moving beyond incremental feature updates toward building platform-agnostic systems that can be extended across devices, use cases, and even industries.

In spite of the fact that Agora may ultimately be developed as a real-time communication layer, a collaborative digital environment, or a component of the infrastructure necessary to support future hardware and financial systems, its early signals indicate that it is focused strongly on interoperability, immediacy, and trust.

The advantages of taking such an approach could include better AI-driven workflows, closer integration between voice, data, and transactions, and the opportunity to design services that operate seamlessly across boundaries and platforms for enterprises and developers alike.

It has also been suggested that the parallel focus on regulatory alignment and system resilience reflects a desire to strike a balance between fast innovation and the stability needed for a wide-scale adoption of the innovations. 

In the meantime, OpenAI is continuing to refine these initiatives behind the scenes. Moreover, the Agora project shows how we may soon find that the next phase of AI evolution will be defined more by interconnected ecosystems, rather than by isolated tools, enabling real-time interaction, secure exchange, and sustained economic growth worldwide.

Ongoing Web Skimming Operation Quietly Harvests Payment Data From Online Stores

 



Cybersecurity analysts have identified a sophisticated web skimming operation that has been running continuously since early 2022, silently targeting online checkout systems. The campaign focuses on stealing payment card information and is believed to affect businesses that rely on globally used card networks.

Web skimming is a type of cyberattack where criminals tamper with legitimate shopping websites rather than attacking customers directly. By inserting malicious code into payment pages, attackers are able to intercept sensitive information at the exact moment a customer attempts to complete a purchase. Because the website itself appears normal, victims are usually unaware their data has been compromised.

This technique is commonly associated with Magecart-style attacks. While Magecart initially referred to groups exploiting Magento-based websites, the term now broadly describes any client-side attack that captures payment data through infected checkout pages across multiple platforms.

The operation was uncovered during an investigation into a suspicious domain hosting malicious scripts. This domain was linked to infrastructure previously associated with a bulletproof hosting provider that had faced international sanctions. Researchers found that the attackers were using this domain to distribute heavily concealed JavaScript files that were loaded directly by e-commerce websites.

Once active, the malicious script continuously monitors user activity on the payment page. It is programmed to detect whether a website administrator is currently logged in by checking for specific indicators commonly found on WordPress sites. If such indicators are present, the script automatically deletes itself, reducing the risk of detection during maintenance or inspection.

The attack becomes particularly deceptive when certain payment options are selected. In these cases, the malicious code creates a fake payment form that visually replaces the legitimate one. Customers unknowingly enter their card number, expiration date, and security code into this fraudulent interface. After the information is captured, the website displays a generic payment error, making it appear as though the transaction failed due to a simple mistake.

In addition to financial data, the attackers collect personal details such as names, contact numbers, email addresses, and delivery information. This data is sent to an external server controlled by the attackers using standard web communication methods. Once the transfer is complete, the fake form is removed, the real payment form is restored, and the script marks the victim as already compromised to avoid repeating the attack.

Researchers noted that the operation reflects an advanced understanding of website behavior, especially within WordPress-based environments. By exploiting both technical features and user trust, the attackers have managed to sustain this campaign for years without drawing widespread attention.

This discovery reinforces the importance of continuous website monitoring and script validation for businesses, as well as cautious online shopping practices for consumers.
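One form the script validation mentioned above can take is a periodic audit of which external scripts a checkout page loads. The following is an added example, not tooling from the researchers; the allowlist, host names and sample HTML are constructed, and it covers only scripts present in the served HTML, not ones injected later at runtime.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allowlist of hosts permitted to serve scripts on checkout.
ALLOWED_SCRIPT_HOSTS = {"shop.example", "js.payments.example"}

# Constructed sample of a checkout page's HTML.
SAMPLE_CHECKOUT_HTML = """
<html><head>
<script src="/static/cart.js"></script>
<script src="https://js.payments.example/v3.js" integrity="sha384-CONSTRUCTED"></script>
<script src="https://cdn.widgets.example/chat.js"></script>
<script src="//js.payments.example/extra.js"></script>
</head><body><form id="checkout"></form></body></html>
"""


class ScriptCollector(HTMLParser):
    """Collects the src and integrity attributes of every <script src=...>."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = dict(attrs)
            if a.get("src"):
                self.scripts.append({"src": a["src"],
                                     "integrity": a.get("integrity")})


def audit_checkout_scripts(html, page_host, allowed_hosts=ALLOWED_SCRIPT_HOSTS):
    """Return (src, reason) pairs for scripts that need review."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for s in collector.scripts:
        # Relative URLs have no hostname and are served by the page itself.
        host = urlparse(s["src"]).hostname or page_host
        if host not in allowed_hosts:
            findings.append((s["src"], "host not on allowlist"))
        elif host != page_host and not s["integrity"]:
            findings.append((s["src"], "third-party script without SRI"))
    return findings


def new_since_baseline(html, baseline_srcs):
    """Script sources present now that were absent from the last reviewed set."""
    collector = ScriptCollector()
    collector.feed(html)
    return sorted({s["src"] for s in collector.scripts} - set(baseline_srcs))


if __name__ == "__main__":
    for src, reason in audit_checkout_scripts(SAMPLE_CHECKOUT_HTML, "shop.example"):
        print(f"REVIEW {src}: {reason}")
```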
