Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

The malware, known as Phantom Stealer, collects browser credentials, cookies, saved passwords, autofill data and payment card ...

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

North Korean hackers used an updated version of a known backdoor to target a popular npm package.