The Hacker News

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Many organizations lack complete visibility into all JavaScript code executing on their pages. Scripts can dynamically load ...
The Hacker News

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

"UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used to obscure ...
Benzinga.com

"Avoid On-Chain Transactions": Ledger CTO Issues Urgent Warning After JavaScript Attack

A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger's chief technology officer, Charles Guillemet, who advised users without hardware wallets to ...
adtmag.com

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in ...