Submit the keyword or topic you are searching for

  1. Home
  2. Technology
  3. ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]
Technology

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner.This week, we dive into the hidden risks, surprising loopholes, and the clever tricks

featured-image

Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner.

This week, we dive into the hidden risks, surprising loopholes, and the clever tricks cybercriminals are using to outsmart the systems we depend on. Stay with us as we unpack what's happening behind the screen and how you can stay one step ahead. Dozens of Google Chrome Extensions Caught Stealing Sensitive Data — The challenges with securing the software supply chain reared once again after about three dozen extensions were found surreptitiously siphoning sensitive data from roughly 2.



6 million devices for several months as part of two related campaigns. The compromises came to light after data loss prevention service Cyberhaven revealed that its browser extension was updated to include malicious code responsible for stealing credentials for Facebook and OpenAI ChatGPT and other data. The attack was made possible through a spear-phishing email sent to one of the company's employees, urging them to take immediate action for failing to comply with Google Chrome Web Store policies.

A link in the email led to a Google consent screen requesting access permission for an OAuth application named Privacy Policy Extension. Once granted access, the rogue application gave the attacker the ability to push a malicious version of Cyberhaven's Chrome extension to the Chrome Web Store. Since then, it has emerged that several other extensions have been targeted in a similar manner.

One of these extensions, named Reader Mode, is also said to have been targeted along with a few others as part of a related data-gathering activity that started no later than April 2023. The malicious code, which appears to be part of a monetization library, is designed to log every website visited on the browser. The development is another sign that browser add-ons are a weak link in the security chain.

Your favorite software might be hiding serious security cracks—don't wait for trouble to find you. Update now and stay one step ahead of the threats! This week's list includes — CVE-2024-43405 (ProjectDiscovery Nuclei), CVE-2024-54152 (Angular Expressions), CVE-2024-12912 , CVE-2024-13062 (ASUS router AiCloud), CVE-2024-12828 (Webmin CGI), CVE-2024-56040 , CVE-2024-56041 (VibeThemes VibeBP), CVE-2024-56042 , CVE-2024-56043 , CVE-2024-56044 , CVE-2024-56045 , CVE-2024-56046 (VibeThemes WPLMS), CVE-2024-56249 (Webdeclic WPMasterToolKit), CVE-2024-56198 (path-sanitizer npm package), CVE-2024-55078 (WukongCRM), and CVE-2024-12583 (Dynamics 365 Integration plugin). Upgrade Your Network Security — Take your network security to the next level with powerful, free tools designed to keep threats at bay.

Use PfSense for enterprise-grade firewall protection and pair it with Suricata or Snort for real-time threat detection. Detect rogue devices with WiFiGuard and suspicious Wi-Fi activity with Kismet. Secure your communication with ZeroTier for private networking and encrypt DNS queries using DNSCrypt-Proxy or NextDNS to block malicious domains.

Plant decoys using Canarytokens to catch intruders, monitor activity with Wireshark, and safeguard SSH with Fail2Ban against brute-force attacks. Strengthen Wi-Fi with WPA3 and 802.11w Management Frame Protection, and track your network's health in real-time using Netdata.

These free tools give you enterprise-level defense at no cost—your network's secret weapon. That's a wrap for this week! If there's one thing we've learned, it's that staying safe online isn't just about tech—it's about the choices we make every day. Whether it's ignoring a shady email, keeping your apps updated, or thinking twice before clicking "yes," small steps can make a big difference.

The digital world moves fast, but with a little care and attention, we can stay ahead. Keep asking questions, stay alert, and remember—we're all in this together. See you next week with more updates to keep you informed and ready.

.

My Protein Germany

Myprotein UK

Menkind UK

Top News

Salma Hayek's Epic Golden Globe Tribute – Cheers For Winners, Love For Losers; Poses With A-listers

In her latest Instagram post, the iconic Salma Hayek deliver...

Gwalior Junior Doctor Rape Accused Arrested; Bajrang Dal Leader Arrested For Raping Woman In Kanpur

As The Last of Us season 2 gets a release month, a very red trailer teases some recognisable, miserable moments made live-action

Hong Kong to offer just one land plot this quarter amid developer caution

Related Posts

post-thumbnail
Technology

23 years ago, Apple launched one of the most beloved Macs of all time

post-thumbnail
Technology

May Mobility reveals electric autonomous minibus at CES 2025

post-thumbnail
Technology

Midas List 2025: Submissions Open To Rank The World’s Top Venture Capitalists

post-thumbnail
Technology

Hypershell X Series: Redefining Mobility at CES 2025

post-thumbnail
Technology

Corero Network Security Achieves 16% ARR Growth, Driving Momentum into 2025

post-thumbnail
Technology

AGI Is Coming In 2025. Schools Urgently Need A Strategy

post-thumbnail
Technology

Best smartphones for older people to buy in 2025

post-thumbnail
Technology

iPhone 15 Available With Massive Discount On Flipkart; Check Out The Limited Time Deal