SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.

Google will soon penalize sites that hijack your browser’s back button

Google's new spam policy targets back button hijacking. Starting June 15th, sites that manipulate the back button will get ...
PCMag UK

Stuck on a Website? Google Cracks Down on Aggravating 'Back Button Hijacking'

Google says it's seen a rise in shady and spam websites using 'Back button hijacking' to try and trap or manipulate users ...
Foreign Affairs

Cyberwar’s New Frontier

Policymakers must work with frontier AI labs to establish reporting requirements for security incidents similar to the one that Anthropic revealed in 2025. Effective disclosure will require consistent ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

WordPress websites under attack — dozens of plugins hijacked to target thousands of sites

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.
SecurityWeek

100 Chrome Extensions Steal User Data, Create Backdoor

Over 100 Chrome extensions sharing C&C infrastructure were seen stealing user data, injecting ads, and containing a backdoor.
The Next Web

Google classifies back button hijacking as spam, enforcement starts June 2026

Google's new spam policy targets sites that trap users by hijacking the back button. Enforcement begins 15 June, with ranking ...
The Tech Edvocate

Urgent Chrome Security Flaw: A Deep Dive into the Latest Zero-Day Exploit

Spread the loveIn a significant security alert, Google’s Threat Analysis Group has revealed a critical zero-day vulnerability, designated as CVE-2026-1234, within the V8 JavaScript engine of its ...