CSO Online

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...
The Caledonian-Record

John Fisher Reveals Proven Systems to Scale Your Injury Law Practice at Exclusive Mastermind

Join a Leading Voice in Catastrophic Injury Law for a High-Impact Day of Strategy, Hot Seat Coaching, and Networking in New ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

WellSpace starts construction on 13-acre Sacramento campus, led by $24M, 32-bed mental health center

The 13-acre campus is designed to expand behavioral health services and integrate care for underserved patients.

The accountability gap behind many small business cyber incidents

For smaller organizations, cyber incidents are rarely the result of inaction. More often, they reflect a lack of clear ...

Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...