Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows ...

Adobe has released a fix for an Acrobat and Reader zero-day that attackers had been exploiting for months. The patch, shipped on April 11, addresses CVE-2026-34621, a critical vulnerability in Acrobat ...

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Have you been playing Connections, the super fun word game from the New York Times that has people sharing those multi-colored squares on social media like they did with Wordle? It’s pretty fun and ...

Players should take "appropriate security measures to ensure their system is safe. Simply uninstalling the mods is not ...

Can't decide between a laptop and a tablet? Get both with a 2-in-1. Our shopping advice and product recommendations will help you find the convertible or detachable that's right for you. (We've tested ...