Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
Security Boulevard

What are Refresh Tokens? Complete Implementation Guide & Security Best Practices

Learn how refresh tokens work in enterprise SSO. This guide covers implementation, rotation, and security best practices for CIAM systems.

New GlassWorm Malware Wave Targets Macs Through Fake Crypto Wallet Tools

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code ...
The Hacker News

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12 ...

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...
Infosecurity Magazine

Infosecurity's Top 10 Cybersecurity Stories of 2025

Explore Infosecurity Magazine’s most-read cybersecurity stories of 2025, from major vendor shake-ups and zero-day exploits to AI-driven threats and supply chain attacks ...