Author: Trendici

Image generated from Gemini Nano Banana A fake Google Antigravity download is exposing user accounts to compromise within minutes. What looks like a normal install actually delivers the real app along with hidden malware, giving attackers a quiet way in. The campaign centers on a trojanized installer distributed through a lookalike domain that closely mimics the real Antigravity download site. Victims receive the full working application, but a hidden script connects to attacker-controlled servers and can later deploy data-stealing malware. Once activated, it can extract browser sessions, saved credentials, and other sensitive data, allowing attackers to access accounts almost immediately…

Image: sapannpix/Adobe Microsoft says hackers are ditching malware for social engineering on Teams by simply asking employees for access — and getting it. A recent surge in impersonation scams has seen hackers posing as IT Desk assistants to bypass security defenses. The attacks rely on real-time social engineering, with threat actors setting up Teams chats that mimic IT support requests. Victims are urged to either approve access or launch remote management sessions, turning simple trusted conversations into a full network compromise. Because these activities use trusted tools, user-approved actions, and target-specific data, they are significantly more difficult to detect than…

Image: akportfolio24/Envato One fake Apple alert is all it takes to send someone into a tailspin. A new phishing scam uses what appears to be a legitimate Apple security notification to trick people into believing an $899 iPhone was purchased through PayPal. The email looks authentic enough to spark panic, but its real goal is to push recipients into calling a bogus support number controlled by scammers. What makes this scheme especially unsettling is how convincing the message appears at first glance. And once researchers took a closer look, they found the scam had a surprisingly clever twist. What the…

Image: vinnikava/Envato A widespread browser extension campaign is quietly compromising users by disguising data-stealing tools as TikTok video downloaders. “While many people see browser extensions as harmless little widgets, oftentimes they have no idea who is actually behind these extensions, and what capabilities they contain within their source code,”  said Natalie Zargarov, security researcher at LayerX, in an email to eSecurityPlanet. She added, “This is why users and enterprises need to be vigilant about the extensions they install, to make sure their sensitive data is not stolen.” Inside the StealTok extension campaign This campaign underscores a growing blind spot in…

What are your favorite TLC meals? You know, those “can-I-bring-over” recipes you make for loved ones who need a little support. I’ve been thinking about this recently, thanks to Zahra Tangorra’s new memoir, Extra Sauce, about “the great meals and great loves” of her life. “Cooking is such a powerful way to care for someone,” she told me. “In an ever-more-technological world, cooking is an ‘analog’ love language.” Below, Zahra and eight other food writers share the dishes they bring to loved ones… Zahra Tangorra, chef and author of Extra Sauce“Lasagna is what I always make when someone loses a…

Developer Rebel Wolves has announced a special livestream for its upcoming action RPG The Blood of Dawnwalker. Airing next week on April 28, the stream will reveal new details about the game, including its release date.The “Road to Launch” livestream airs at 9 a.m. PT/12 p.m. ET and will showcase new gameplay footage “with a particular focus on activities tied to the game’s open world,” explains game director Konrad Tomaszkiewicz in a press release. The presentation will also debut a new story trailer, feature developer insights into the game’s storytelling, and share the system requirements, among other announcements.  The Blood of…

The government has terminated its Royal Mail pension scheme contract with Capita after citing failures to hit milestones. The announcement comes as Capita faces pressure in relation to the disruption to the Civil Service Pension Scheme (CSPS) since it took over administration in December.Cabinet Office minster Nick Thomas-Symonds told MPs that the contract has been terminated because the outsourcing provider “failed to deliver numerous milestones”, adding: “Following a failure to meet critical transition milestones, and a lack of confidence in Capita’s ability to implement and transition to the new operating model in a timely fashion, I’m announcing today to the…

Critical local infrastructure that supports council services, social care services and local transport in the UK is falling through the gaps in government and business planning for cyber resilience, claims Jonathan Lee, director of cyber strategy at cyber security company TrendAI. In an interview with Computer Weekly, Lee says that municipal areas, such as London or Greater Manchester, could be at risk from multiple cyber attacks that could damage local infrastructure, causing escalating problems for residents that could add up to severe disruption. “We need to be thinking about what would happen if multiple attacks happened at the same…

Lloyds Register has assessed using artificial intelligence (AI)-based navigation systems for shipping. The trial assessed the performance of the Orca AI navigation platform and looked at the role of AI in enhancing situational awareness and supporting human decision-making at sea. “From a human factors’ perspective, it is not just about what the technology can do; it is about how effectively it supports the human operator,” said Stephanie McLay, team lead of human factors at Lloyds Register. “These workshops demonstrated how structured feedback and user-centred design can play a critical role in shaping safer and more usable AI-enabled navigation systems.”…

The UK aims to build “national scale” cyber defence capabilities to respond to growing threats from hostile states and artificial intelligence (AI)-powered attacks. Security minister Dan Jarvis said today that defending against “frontier AI” will require a national effort from government and businesses. He said the government was “laying the groundwork” for a national capability, which has been dubbed the “national cyber shield”, to protect the UK against cyber threats, and called for AI companies to work directly with the government to develop AI to defend against automated cyber attacks. The government’s vision is to develop defensive AI technology that…