Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege escalation, raising concerns about the future of browser data security.
Decrypt

Resolv Labs Stablecoin Depegs, Plunges 74% After $25M Exploit

A compromised key enabled an attacker to illegally mint 80 million USR tokens, causing the stablecoin to lose its dollar peg.

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and ...
The Hacker News

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical CVEs to patch.

When Today's Network Encryption Becomes Tomorrow's Liability

Network encryption was designed for a world in which adversaries needed to break cryptography in real time to extract value.
InfoQ

Java 26 Delivers Language Innovation, Library Improvements, Performance and Security

Oracle has released version 26 of the Java programming language and virtual machine. As the first non-LTS release since JDK 25, the final feature set includes 10 JEPs, five of which are still ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...