Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly…
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored…
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new…
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites…
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions
Sep 18, 2025Ravie LakshmananVulnerability / Browser Security Google on Wednesday released security…
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence The threat actors behind the…
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Aug 01, 2025Ravie LakshmananMalware / Artificial Intelligence Cybersecurity researchers have flagged a…
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Jul 30, 2025Ravie LakshmananCryptocurrency / Browser Security Cybersecurity researchers are calling attention…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…