The common threats that every Internet user can encounter when they go online are what we are going to discuss today. I wish they could go away, but it's not that easy. Vulnerability, malware, and phishing; they can affect anyone. Nonetheless, you might think that you are immune until you fall victim. Hopefully, not anytime soon.
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
The good news: Perplexity and Microsoft have released patches for their agentic web browsers, i.e., Comet and Microsoft Edge. What about Google? They won't fix it because it's low priority.
From the article:
What's notable about this attack is that it neither relies on a jailbreak nor a prompt injection. Rather, it achieves its goal by simply being polite, providing sequential instructions, and using phrases like "take care of," "handle this," and "do this on my behalf," that shift the ownership to the agent.
In other words, the attack highlights how sequencing and tone can nudge the large language model (LLM) to comply with malicious instructions without even bothering to check if each of those steps is actually safe.
The big catch: How whaling attacks target top executives
No one is telling you not to share some information on your social media accounts. Meanwhile, don't overshare. Why is this? You might be given attackers the information they need to carry out a spear phishing attack on your top executives.
From the article:
Just like a regular spear phishing or BEC attack, whaling requires a certain amount of groundwork to stand a good chance of success. This means threat actors are likely to perform detailed reconnaissance on their target. There should be no shortage of publicly available information to help them, including social media accounts, their company website, media interviews and keynote videos.
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
At the time of writing, they patched the bug. Therefore, if it is still under active exploitation, then some users have not applied the fix.
From the article:
It has since emerged that the South Asia-focused Bitter APT has also weaponized the vulnerability to facilitate persistence on the compromised host and ultimately drop a C# trojan by means of a lightweight downloader. The attack leverages a RAR archive ("Provision of Information for Sectoral for AJK.rar") that contains a benign Word document and a malicious macro template.
New DroidLock malware locks Android devices and demands a ransom
After reading the article, I can conclude that the malware is dangerous. One of the ways to ensure that you never get it is to not side-load APKs from outside the Google Play Store unless you trust the source.
From the article, here are some examples of what the malware can do to your device if you are infected:
Some of the actions it can take are wiping the device, locking it, changing the PIN, password, or biometric data to prevent the user from accessing the device.
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware
This might be obvious to you. But permit me to state it again: never run commands on your system if you don't understand what it will do (even if you're told it will do X and Y).
Now, what's happening here? When users search for information on Google, they get ads for publicly shared chats from Grok and ChatGPT with "steps" outlining what the user will do. However, one of the steps is a command, that if executed, will download the AMOS infostealer on the victim's Mac. Stay safe.
How to defeat it? Here is how:
Kaspersky noted that, even after reaching these manipulated LLM conversations, a simple follow-up question asking ChatGPT if the provided instructions are safe to execute reveals that they aren't.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.
Top comments (0)