North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
TL;DR Why EN 303 645 matters ETSI EN 303 645 has given consumer IoT security a much-needed baseline. It gives manufacturers, assessors, and product teams a shared view of reasonable IoT security and ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
A recent report from cloud security firm Sysdig details the capabilities of JadePuffer, which it says is the first ransomware ...
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to ...
Hackers are exploiting a critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10.
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results