The White House Launched Its Own App With A Glaring Privacy Issue

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...
The Hacker News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
MalaysianWireless

Google says DarkSword targeted iOS users in Malaysia

Google says DarkSword was used against iOS users in Malaysia, targeting vulnerable older iPhone software through malicious ...
SecurityWeek

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.
TechJuice

Critical Flaw in Claude Chrome Extension Allowed Malicious Prompt Injection

Claude extension flaw allowed zero click attacks, letting hackers inject commands and access sensitive user data.

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Google Threat Intelligence Group (GTIG), Lookout Threat Labs, and iVerify published coordinated research in March 2026 on ...