Mozilla released Firefox 141 on July 22, 2025, addressing 18 security vulnerabilities ranging from high to low severity levels.
The update includes critical fixes for memory safety bugs, JavaScript engine vulnerabilities and various web security bypasses that could potentially allow arbitrary code execution and...
A sophisticated cyberattack targeting Arch Linux users was discovered on July 16, 2025, when malicious actors uploaded three compromised browser packages to the Arch User Repository (AUR).
The packages, disguised as legitimate Firefox and browser variants, contained Remote Access Trojan (RAT) malware that could...
Cybersecurity researchers have identified a sophisticated phishing campaign that leverages obfuscated .LNK shortcut files and Living Off The Land Binary (LOLBin) techniques to deliver DeerStealer malware.
The attack exploits legitimate Windows system tools, particularly mshta.exe, to execute malicious payloads while evading traditional security detection...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft SharePoint vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations that the security vulnerability is being actively exploited by threat actors in the wild.
The vulnerability, tracked as CVE-2025-49706, represents a...
A urgent guidance on July 19, 2025, warning of active attacks targeting on-premises SharePoint servers by Chinese nation-state actors exploiting critical vulnerabilities CVE-2025-53770 and CVE-2025-53771.
The company has observed multiple threat groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, conducting sophisticated attacks against internet-facing...
In a dramatic escalation of supply chain threats against the JavaScript ecosystem, attackers have leveraged a typosquatted phishing site to steal npm maintainer tokens and inject malicious code into critical development tools.
The incident, first flagged by maintainers of the eslint-config-prettier repository, involved four...