Microsoft removed a steganography-based adware network (StegoAd) consisting of 119 extensions that had been active since at least 2021 and concealed malware payloads in images and fonts.
Threat actors are abusing ChatGPT share links to host fake OpenAI outage pages that redirect users to download malware disguised as a ChatGPT desktop application, exploiting user trust in legitimate channels through social engineering.