A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...

Linux users face a new threat as cybercriminals exploit a critical vulnerability in Canonical's Snap Store, hijacking trusted ...

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...

Abstract: With the widespread adoption of smartphones over the past decade, mobile applications have become a primary target for malicious attacks, usually in the form of malware. Recent studies have ...

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, using phishing links ...

The --polling flag enables filesystem polling, which works reliably with mounted volumes where OS-level file events don't propagate.