Cl0p struck a blow against Oracle by exploiting a critical zero-day vulnerability in the E-Business Suite. Researchers report that attacks leveraging this flaw have been underway since July 2025, already compromising numerous major organizations...
Google has disclosed a years-long intelligence operation revealing that APT24, a China-linked threat group, had been deploying a previously unknown malicious tool called BadAudio. The campaign stretched across three years, gradually shifting toward more...
Developers using the Cursor and Windsurf IDEs are currently exposed to exploitation through at least 94 known vulnerabilities in Chromium and its JavaScript engine, V8. Both environments are built on outdated versions of Electron...
A malicious file was discovered in the downloads section of Xubuntu.org, the official website of the Ubuntu distribution featuring the Xfce desktop environment. The counterfeit installer, disguised as “Xubuntu — Safe Downloader,” was designed...
In October 2025, researchers at Kaspersky Lab uncovered a malicious package on the popular npm registry named https-proxy-utils, masquerading as a legitimate proxy utility. The trojanized module was engineered to deploy AdaptixC2 on compromised...
An advertisement has surfaced on the dark web offering three terabytes of data allegedly stolen from two major Russian SMS aggregators. The individual behind the post, using the pseudonym ByteToBreach, claims that the leak...
Microsoft researchers have identified a new variant of XCSSET, the macOS-targeting malware that has plagued developers since 2020. This family, notorious for spreading through Xcode projects by embedding malicious code, has now evolved with...
Developers have long placed their trust in tools that allow AI assistants to handle routine tasks—ranging from sending emails to managing databases. Yet that trust has proven a vulnerability: beginning with version 1.0.16, the...
Socket Threat Research has discovered a malicious NPM package named fezbox, published by a user going by janedu. Ostensibly a harmless library, the package conceals an unusually sophisticated payload: it uses a QR code...
A dangerous worm dubbed Shai-Hulud has been uncovered in the JavaScript ecosystem, infecting at least 187 packages in the NPM repository. What sets it apart is that it not only steals developer credentials but...
Researchers at Socket have disclosed a new attack against the npm ecosystem, in which more than 40 packages were discovered to be laced with embedded malicious code. The compromise mechanism was meticulously engineered: it...
Experts at Oasis Security have reported a vulnerability in the Cursor code editor that enables arbitrary tasks to be executed upon opening a repository. The issue arises because, unlike Visual Studio Code, Cursor has...
