libraries
-
EngageSDK Vulnerability puts millions of crypto wallets at risk
A recently identified flaw in the popular Android library EngageSDK has sparked serious worries within the cryptocurrency sector, potentially endangering…
Read More » -
Critical Chrome Flaws Let Attackers Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version…
Read More » -
Stealthy .NET Malware Adds AV Killer, HVNC Features
CrySome RAT is a newly observed, advanced .NET remote access trojan that combines full-featured post‑exploitation tooling with unusually hardened persistence,…
Read More » -
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
A significant surge in PXA Stealer campaigns targeting global financial institutions during Q1 2026. This marks a notable shift in…
Read More » -
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
A South Asian financial institution faced compromise due to a custom malware toolkit combining a modular backdoor (BRUSHWORM) and a…
Read More » -
Five Malicious npm Packages Target Crypto Developers, Steal Wallet Keys via Telegram
Five malicious npm packages impersonating popular crypto libraries are stealing wallet keys from Solana and Ethereum developers and exfiltrating them…
Read More » -
Pyronut Package Backdoors Telegram Bots With RCE
Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both…
Read More » -
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
Apple released emergency security patches to address a critical WebKit flaw currently exposing iPhone, iPad, and Mac users to sophisticated…
Read More » -
Nginx UI Vulnerabilities Let Attackers Download Full System Backups
A critical security flaw has been identified in Nginx UI that permits unauthorized threat actors to download and decrypt entire…
Read More » -
Docker Releases Free, Production-Grade Hardened Container Images
In a significant move to enhance software supply chain security, Docker has made its production-grade hardened container images available as…
Read More » -
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have discovered a new and sophisticated threat: SantaStealer, a malware-as-a-service information stealer that is being…
Read More » -
Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data
A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket…
Read More »