Google Zero-Day Alert For 3.5 Billion Chrome Users—Attacks Underway

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day vulnerabilities.
The Hacker News

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

OFAC sanctions DPRK IT fraud network using fake jobs and AI tactics, exposing funding links to WMD programs and insider threats.
The Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.