Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security (CCCS) warned on Thursday. ColdFusion is a commercial ...
search_vulns can be used to search for known vulnerabilities in software. To achieve this, it utilizes a locally built database containing various data sources about products, vulnerabilities, ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser. The vulnerability is an out-of-bounds ...
Technology is the world’s most targeted industry as adversaries exploit the AI being built and the tools used to build it CrowdStrike (NASDAQ: CRWD) today released the CrowdStrike 2026 Technology ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results