Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.
Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...
Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
A comprehensive SAML development guide for engineering leaders. Learn about assertions, metadata, and securing single sign-on for enterprise CIAM.
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...
Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped ...
This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
Some attachments in Epstein emails can be recovered unredacted, because base64-encoded email attachment data was included in the DOJ releases.
Security researchers warn of active attacks on SolarWinds Web Help Desk. Malicious actors are exploiting vulnerabilities to infiltrate systems and then ...
According to Huntress, the intrusions stem from the many recently disclosed vulnerabilities – some critical – affecting SolarWinds Web Help Desk.
Attackers are actively exploiting a critical vulnerability in React Native's Metro server to infiltrate development ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results