The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
The Hacker News

Session Cookie Theft: You Showed Your ID at the Door. But Someone Else Has Your Room Key

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.
Morning Overview on MSN

Chrome adds device-bound sessions to curb infostealer cookie theft

Stolen browser cookies have become one of the most traded commodities on criminal marketplaces, letting attackers slip into ...
Computerworld

Chrome Token-Theft Extensions, Nadella Europe Sovereignty, ChatGPT Age-Checks | Ep. 41

In today’s 2-Minute Tech Briefing, researchers flag fake Chrome productivity extensions stealing session tokens from Workday, NetSuite, and SuccessFactors. Satya Nadella argues Europe’s sovereignty ...
Hosted on MSN

North Korean hackers using malicious QR codes in spear phishing, FBI warns

North Korean group Kimsuky is using QR code phishing to steal credentials Attacks bypass MFA via session token theft, exploiting unmanaged mobile devices outside EDR protections FBI urges ...

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...