New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

Google releases DBSC in Chrome 146 for Windows, binding cookies to devices to reduce session theft and prevent unauthorized ...

Stolen browser cookies have become one of the most traded commodities on criminal marketplaces, letting attackers slip into ...

Cyber attackers target session cookies to gain access. Google is now activating protection in Chrome for Windows.

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.

Google’s Device Bound Session Credentials in Chrome protect against session cookie theft by binding authentication to the ...

C-Suite executives are being warned that a previously undocumented Microsoft attack platform, codename Venom, can neutralize ...

C-Suite executives are being warned that a previously undocumented Microsoft attack platform, codename Venom, can neutralize ...

A new feature aimed at protecting internet users from information stealing malware, or infostealers, has been rolled out in ...

This tracker was last updated on April 10, 2026, with the latest decisions by Gov. Brad Little on bills that passed in the last days before the 2026 legislative session ended April 2. Each January, ...