Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript...
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript...
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says...
Sophos Firewall Config Studio is a new and hugely popular free tool that all Sophos Firewall customers and partners can...
As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for...
The command line interface (CLI) of the popular Bitwarden open source password manager is the latest target the ongoing Checkmarx...
Ravie LakshmananApr 21, 2026Network Security / Vulnerability Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters...
Ravie LakshmananApr 15, 2026Threat Intelligence / Cloud Security Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation...
An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into...
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean...
On March 30-31, 2026, threat actors published two malicious versions of the popular HTTP library axios (versions 1.14.1 and...
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
On March 24, 2026, two malicious versions of LiteLLM – the popular AI/LLM proxy gateway present in roughly 36%...
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named...
This morning, the widely used Python package litellm, a popular abstraction layer for interacting with large language models (LLMs),...
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a...