The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...

More malicious browser extensions uncovered - Chrome, Firefox, and Edge all affected

Security researchers LayerX have discovered 17 extensions for Chrome, Firefox, and Edge browsers which monitored people’s ...
SecurityWeek

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Chrome 144 and Firefox 147 were released with patches for a total of 26 vulnerabilities, including high-severity code ...

Web Development: Cloudflare Acquires Astro Technology Company

The company behind the Astro web framework now belongs to Cloudflare. However, Astro is set to remain open source and ...

Apple Releases Safari Technology Preview 235 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...
The American Bazaar

Cybersecurity firm Cyble uncovers android banking malware targeting Iranian users

Cyble uncovers deVixor Android banking trojan targeting Iranian users via phishing, ransomware, SMS theft, and credential ...

Fake error popups are spreading malware fast

Cybercriminals use ErrTraffic tool to automate malware distribution through fake browser error messages, with attacks ...
The Caledonian-Record

90 Million Downloads & Counting: ELSA Speak’s AI helps HK Professionals Increase Market Value and Unlock Global Opportunities

HONG KONG SAR - Media OutReach Newswire - 8 January 2026 - With intensifying global competition and remote work becoming the ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...