Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...

A newly discovered Adobe Reader zero-day vulnerability allows malicious PDF files to steal local data and potentially lead to ...

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Google has rolled out a new update for its Chrome browser, fixing several serious security issues. The latest version, Chrome ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...

Claude Code Source Code Leak Anthropic: Analysts believe the leak could impact the company’s reputation, especially as it is ...

Anthropic is fitting its Claude Code AI-powered coding assistant with an auto mode for the Claude AI assistant to handle ...