Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
Explore Infosecurity Magazine’s most-read cybersecurity stories of 2025, from major vendor shake-ups and zero-day exploits to AI-driven threats and supply chain attacks ...
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure – were found by security ...
Discover the top seven penetration testing tools essential for enterprises in 2025 to enhance security, reduce risks, and ensure compliance in an evolving cyber landscape. Learn about their core ...
For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...
The human layer is one of the most vulnerable when it comes to crypto security, but authentication, hardware wallets, automation and strict verification habits are key to reducing risk.
AI-based VS Code forks recommended unclaimed extensions, allowing malicious uploads in Open VSX and risking developer systems ...
The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
An attacker seized control of Unleash Protocol’s multisig governance to upgrade contracts and siphon funds, which were later ...
A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
Malicious open-source packages are an unseen but rapidly growing threat to the U.S. government. A 92% spike in identified malicious packages from 2022–2024 underscores the urgency. This e-book equips ...