Executive Summary On 2026-04-14 a coordinated campaign of 108 malicious Chrome extensions was uncovered by AlienVault. The extensions, published under five different developer names, share a single command‑and‑control (C2) infrastructure that harvests Google identities, steals Telegram
Continue ReadingMonth: April 2026
Adobe Reader Zero Day Exploitation
On April 7 2026, a security researcher disclosed a critical zero‑day vulnerability in Adobe Reader that has been actively exploited in the wild since at least December 2025. The flaw allows threat actors to execute privileged Acrobat APIs via
Continue ReadingFake Windows Support Site Distributes Password Stealer
The latest threat landscape feature a highly convincing fake Microsoft support website that is designed to deliver a password‑stealing malware bundle. The campaign, first spotted on microsoft-update.support, masquerades as an official Windows update portal and lures
Continue Reading