Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 6

Get the latest international news and world events from around the world.

Log in for authorized contributors

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Interestingly, the original extension developer has published several other extensions under their name on the Chrome Web Store, and all of them have received a Featured badge. The developer also has an account on ExtensionHub, although no extensions are currently listed for sale. What’s more, the individual has attempted to sell domains like “AIInfraStack[.]com” for $2,500, stating the “strong keyword domain” is “relevant for [sic] rapidly growing AI ecosystem.”

“This is the extension supply chain problem in a nutshell,” Annex Security said. “A ‘Featured,’ reviewed, functional extension changes hands, and the new owner pushes a weaponized update to every existing user.”

The disclosure comes as Microsoft warned of the malicious Chromium‑based browser extensions that masquerade as legitimate AI assistant tools to harvest LLM chat histories and browsing data.

Microsoft: Hackers abusing AI at every stage of cyberattacks

Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack.

According to a new Microsoft Threat Intelligence report, attackers are using generative AI tools for a wide range of tasks, including reconnaissance, phishing, infrastructure development, malware creation, and post-compromise activity.

In many cases, AI is used to draft phishing emails, translate content, summarize stolen data, debug malware, and assist with scripting or infrastructure configuration.

Microsoft Teams phishing targets employees with A0Backdoor malware

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor.

The attacker relies on social engineering to gain the employee’s trust by first flooding their inbox with spam and then contacting them over Teams, pretending to be the company’s IT staff, offering assistance with the unwanted messages.

To obtain access to the target machine, the threat actor instructs the user to start a Quick Assist remote session, which is used to deploy a malicious toolset that includes digitally signed MSI installers hosted in a personal Microsoft cloud storage account.

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

At the same time, the use of weak credentials or misconfigurations has dropped significantly in the second half of 2025, Google notes in a report highlighting the trends on threats to cloud users.

According to the report, incident responders determined that bug exploits were the primary access vector in 44.5% of the investigated intrusions, while credentials were responsible for 27% of the breaches.

Ericsson US discloses data breach after service provider hack

Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to an undisclosed number of employees and customers after hacking one of its service providers.

Headquartered in Stockholm and founded in 1876, the parent company is a communications tech leader with nearly 90,000 employees worldwide.

In data breach notification letters sent to affected individuals and filed with the California Attorney General on Monday, Ericsson said that a service provider who was storing personal data for employees and customers discovered a breach on April 28, 2025.

Dutch govt warns of Signal, WhatsApp account hijacking attacks

Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages.

This report comes from the Netherlands Defence Intelligence and Security Service (MIVD) and the Netherlands General Intelligence and Security Service (AIVD), who confirmed that Dutch government employees have been targeted in the attacks.

The Dutch intelligence agencies say the operation relies on phishing and social-engineering techniques that abuse legitimate authentication features to take over accounts and covertly monitor new messages.

“At First, We Thought Something Was Wrong” — NASA DART Mission Reveals a Cosmic Snowball Fight

Images from NASA’s DART mission revealed the first direct evidence that asteroids in a binary system can exchange rocks and dust. Slow moving debris from the asteroid Didymos appears to have struck its moon Dimorphos, leaving distinctive streaks scientists describe as “cosmic snowballs.” Around 1

Chemistry in Pictures: Glowing with pride

“It looks like a tiny solar system. But instead of planets, it’s a snapshot of my research journey in the lab,” says Sadiya Tanga, a chemistry graduate student at Ashoka University. Tanga’s work has focused on a type of drug molecule called proteolysis-targeting chimeras, or PROTACs for short. PROTACs have two active ends, one that grabs a target protein and another that grabs a molecular flag that tells the cell to break down the whole assembly as waste. “Each glowing flask and sphere holds a different compound I worked hard to design and synthesize,” Tanga says. “The colors you see are from parts of the molecules that shine under UV light.”

Neuroimaging Biomarkers of Disease Progression and Cognitive Change in Patients With Retinal Vasculopathy With Cerebral Leukoencephalopathy

The official journal of the Guarantors of Brain. Provides researchers and clinicians with original contributions in neurology by publishing a wide range of original studies in neurological science, in addition to practical clinical articles.

Scientists discover hidden brain cells that may stop Alzheimer’s tau buildup

Scientists have uncovered a surprising new role for little-known brain cells called tanycytes that may influence the development of Alzheimer’s disease. These specialized cells appear to help remove toxic tau protein from the brain by transporting it from the cerebrospinal fluid into the bloodstream. When tanycytes become damaged or dysfunctional, tau can accumulate in the brain, a hallmark of Alzheimer’s.

/* */