Defense One

Fake DOD memo about ‘compromised’ apps shows swift spread of deceptive messaging

The message, widely circulated as the U.S. bombed Iran, shows how quickly unverified information can reach troops.

300,000 Chrome users hit by fake AI extensions

Chrome extensions disguised as AI assistants infected over 300,000 users with malware that steals emails, passwords and ...

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...

Tax season scams 2026: Fake IRS messages stealing identities

Tax scams target Americans starting in January using personal data from brokers to create fake IRS emails and refund alerts ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Fake CAPTCHA pages are tricking users into installing malware

The hackers use fake CAPTCHA pages—which are designed to mimic standard security checks—to trick users into installing malicious software (“Stealthy StealC Information Stealer”) via keyboard commands.