Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...
Tech Times

How React Native Mobile Transforms iOS and Android App Development with Expo CLI and React Native CLI

Learn how React Native Mobile simplifies iOS and Android app creation using the versatile mobile app framework with Expo CLI ...
The TyeeOpinion

Governments Need to Ensure That MAID Safeguards Don’t Harm Individuals

A common assumption is that restricting eligibility reduces risk of premature access or errors in assessing cases. But for ...

PM warns Travelodge CEO to 'seriously engage' with MPs after 'appalling' hotel sex attack

Sir Keir Starmer's letter to Jo Boydell comes in response to a man being jailed for sexually assaulting a guest after staff gave him access to her room.

Google Chrome security flaw: Government flags bugs found in recent version; here's what you need to know and do

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users ...
The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
The Caledonian-Record

Pantheon Resources PLC Announces Granting Restricted Stock Units and Blocklisting Application

LONDON, UK / ACCESS Newswire / April 13, 2026 / Pantheon Resources plc ("Pantheon" or the "Company"), the oil and gas company ...