SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks.

Maintainer, the package is, which is downloaded around 2.7 million times a week, was infected with a malware loader.

Cisco also uncovered four use-after-free flaws that can be leveraged to execute arbitrary code in the JavaScript engine of Foxit PDF Reader, including one (CVE-2018-3964) that leverages the ...

Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks. Bill Toulas; March 12, 2025 ...

The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at ...

In terms of the details, CVE-2018-16148 and CVE-2018-16147 are both cross-site scripting flaws that can be abused to execute malicious JavaScript code in the context of a legitimate user: The ...

Mozilla has introduced Firefox 141 – a security-focused update that addresses 18 newly disclosed vulnerabilities. They range ...

research on remote code execution through Intel CPU bugs at the upcoming Hack in the Box Security Conference in Malaysia. If his proof of concept code consisting of JavaScript or TCP/IP packet ...

Blocking JavaScript execution results in an immediate boost to a users' security, as none of that code will be able to execute. Also: Russian election hacking hits a bump, but it's still going on CNET ...

Mozilla is leveraging an impressive new optimization technique to bring a big performance boost to the Firefox JavaScript engine. The code was merged today (but is not yet ready to be enabled by ...