Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.
IEEE

Fine-grained Manipulation Attacks to Local Differential Privacy Protocols for Data Streams

Abstract: Local Differential Privacy (LDP) enables massive data collection and analysis while protecting end users' privacy against untrusted aggregators. It has been ...
IEEE

EMMA: Scaling Mobile Manipulation via Egocentric Human Data

Abstract: Scaling mobile manipulation imitation learning is bottlenecked by expensive mobile robot teleoperation. We present Egocentric Mobile MAnipulation (EMMA), an end-to-end framework training ...