Gootloader malware is back with new tricks after 7-month break

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to ...
The Hacker News

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware ...

No Chance for Token Theft: The Backend-for-Frontend Pattern

The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the ...
The Hacker News

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

The vulnerability, tracked as CVE-2025-11953, carries a CVSS score of 9.8 out of a maximum of 10.0, indicating critical severity. It also affects the "@react-native-community/cli-server-api" package ...

CERT-In issues high severity warning for Google Chrome on desktop: Details

CERT-In has issued a high-severity warning for desktop users of Google Chrome, citing multiple security flaws that could let hackers remotely execute malicious code ...

Claude Code trojan found in NPM

Supply chain security company Safety has discovered a trojan in NPM that masqueraded as Anthropic’s popular Claude Code AI ...
GitHub

Chromium Browser DoS Attack via document.title Exploitation

It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations ...