libraries
-
The Rise of Regional NFC Relay Malware: Deep Dive into DevilNFC and NFCMultiPay
Cybersecurity researchers have identified a sophisticated new evolution in mobile banking fraud: the DevilNFC malware family. This threat is distinguished…
Read More » -
Mini Shai-Hulud: Supply Chain Campaign Targets @antv Ecosystem
A sophisticated, large-scale supply chain attack has recently been detected targeting the npm registry, specifically compromising a wide array of…
Read More » -
Seedworm’s Evolution: Inside the Iranian-Linked APT’s Surgical Global Espionage Push
The advanced persistent threat (APT) group known as Seedworm—also identified by the monikers MuddyWater, Temp Zagros, and Static Kitten—has long…
Read More » -
The Worm That Ate the Workflow: Unpacking the TanStack, React Router, and Mini Shai-Hulud Infection Chain
A sophisticated supply chain compromise has recently targeted the TanStack ecosystem, affecting 84 distinct npm packages. This wasn’t a simple…
Read More » -
Critical Sandbox‑Escape Vulnerabilities Discovered in the vm2 Node.js Library
Multiple critical sandbox‑escape vulnerabilities have been disclosed in vm2, one of the most widely used Node.js sandboxing libraries, allowing attackers…
Read More » -
The “Slinky” Trap: How a Fake Minecraft Cheat Deploys LofyStealer Malware
In a sophisticated social engineering campaign targeting the gaming community, Minecraft players are being targeted by a deceptive “hacking tool”…
Read More » -
From Disclosure to Exploitation in Hours: LMDeploy SSRF Vulnerability Exploited in the Wild
In the rapidly evolving landscape of AI infrastructure, the window between vulnerability disclosure and active exploitation is shrinking to a…
Read More » -
Mozilla MFSA-2026-30: Critical Memory Safety & Privilege Escalation Fixes for Firefox 150 & Thunderbird 150
Mozilla has released a comprehensive security advisory (MFSA-2026-30) addressing a significant cluster of vulnerabilities affecting various components of the Firefox…
Read More » -
Critical Axios Vulnerability Enables Full Cloud Infrastructure Compromise
A severe security flaw has been identified in Axios, one of the internet’s most popular HTTP client libraries. This vulnerability…
Read More »