Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell […]
Category: Cyber Security News
Apache Jena Vulnerability Allows Arbitrary File Access
Critical security vulnerabilities in Apache Jena have been disclosed that enable administrators to access and create files outside designated server directories, potentially compromising system security. […]
New DCHSpy Android Malware Targets WhatsApp, Call Logs, Audio, and Photos
Security researchers at Lookout have identified four novel samples of DCHSpy, an advanced Android surveillanceware attributed to the Iranian threat actor group MuddyWater, believed to […]
New Scanner Launched to Detect CVE-2025-53770 in SharePoint Servers
A cybersecurity researcher has released a new open-source scanner designed to detect a critical vulnerability affecting Microsoft SharePoint servers, providing organizations with a crucial tool […]
Critical Sophos Firewall Flaws Allow Pre-Auth RCE
Sophos has disclosed multiple critical security vulnerabilities affecting its Firewall products, with the most severe flaws enabling pre-authentication remote code execution that could allow attackers […]
PoisonSeed überlistet FIDO-Schlüssel
Cyberkriminelle nutzen die geräteübergreifende Anmeldeoption von FIDO aus, um eine von ihnen kontrollierte authentifizierte Sitzung zu erstellen. ArtemisDiana – shutterstock.com FIDO-Schlüssel verwenden eine hardwarebasierte Multi-Faktor-Authentifizierung, […]
Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data
Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, […]
Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials
Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package […]
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The […]
wolfSSL Security Update Addresses Apple Trust Store Bypass
wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust store bypass flaw that could […]