A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt ...
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.
Researchers report phishing emails in Russia using ISO attachments to deploy Phantom Stealer against finance and related ...
CISA warns of active exploitation of Sierra Wireless router flaw allowing remote code execution via unrestricted file upload.
Apple fixes two exploited WebKit bugs targeting specific users, issuing security updates across iOS, macOS, and Safari.
PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...
Researchers detail new AI and phishing kits that steal credentials, bypass MFA, and scale attacks across major services.
Enterprises rely on browser-based GenAI, increasing data-exposure risks and demanding strict policies, isolation, and ...
The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure.
CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
CISA reports active exploitation of GeoServer XXE flaw CVE-2025-58360 and directs immediate updates to secure affected ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback