Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Commetjacking attack tricks Comet browser into stealing emails

A new cyberattack technique called 'Commetjacking' has been discovered targeting the Comet browser, a popular email client. This attack manipulates the browser to steal users' email data without their knowledge. The Commetjacking attack exploits vulnerabilities in the Comet browser's handling of web content, allowing attackers to inject malicious scripts that exfiltrate sensitive email information. This method poses a significant threat to email security and user privacy, as it bypasses traditional security measures and operates stealthily. Users of the Comet browser are advised to update to the latest version and apply recommended security patches to mitigate this risk. Additionally, cybersecurity professionals should monitor for indicators of compromise related to Commetjacking and educate users about safe browsing practices. This emerging threat highlights the importance of continuous security assessments for email clients and the need for robust defenses against browser-based attacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 03 Oct 2025 14:05:12 +0000

Cyber News related to Commetjacking attack tricks Comet browser into stealing emails

Commetjacking attack tricks Comet browser into stealing emails - A new cyberattack technique called 'Commetjacking' has been discovered targeting the Comet browser, a popular email client. This attack manipulates the browser to steal users' email data without their knowledge. The Commetjacking attack exploits ...
5 hours ago Bleepingcomputer.com

SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are - SquareX’s research reveals that Browser AI Agents are more likely tofall prey to cyberattacks than employees, making them the new weakest link that enterprisesecurity teams need to look out for. Moreimportantly, employees using Browser AI Agents ...
3 months ago Cybersecuritynews.com

OpenAI is to Launch a AI Web Browser in Coming Weeks - The new browser will feature integrated AI agent capabilities designed to autonomously handle various online tasks, positioning OpenAI as a direct competitor to traditional browser giants like Google Chrome while advancing the company’s vision ...
2 months ago Cybersecuritynews.com

Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com

10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
2 months ago Cybersecuritynews.com

Top Characteristics of a QR Code Phishing Email - As campaigns using QR codes grow in size and complexity it is important to track not just the QR codes themselves, but also the context of the emails delivering the QR codes. Others use images embedded in the email or QR codes rendered from external ...
1 year ago Securityboulevard.com

The Browser Blind Spot: Why Your Browser is the Next Cybersecurity Battleground - Security teams must integrate browser detection & response capabilities into their enterprise security stack to gain real-time visibility, detect browser-native threats, and protect people where they work. Just as EDR transformed endpoint ...
7 months ago Bleepingcomputer.com

Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com

361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
1 year ago Bleepingcomputer.com

Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com