Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Anthropic’s Claude Opus 4.6 AI found 22 Firefox vulnerabilities, including 14 high severity, helping Mozilla patch flaws in ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

A final security update for Chrome 145 eliminates a handful of vulnerabilities, including some labeled critical.

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

Warper 7.2 is a cutting-edge open-source React virtualization library utilizing Rust and WebAssembly for unmatched performance. With zero-allocation hot paths and O(1) circular buffer operations, ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Despite operating in a reduced capacity, the US cybersecurity agency CISA has issued a warning about ongoing attacks exploiting vulnerabilities in Chrome, Zimbra, ThreatSonar, and an ActiveX module.