Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
CoinDesk

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...
The Tech Edvocate

North Korean Hackers Exploit Axios NPM Package in Major Supply Chain Attack

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...
9to5Mac

Google reveals another exploit chain affecting outdated iPhones

Following its recent disclosure of the Coruna exploit chain targeting older iOS versions, the company has now revealed a similar attack believed to be called DarkSword. Here are the details. A few ...
MacRumors

Apple Urges iPhone Users Running Outdated iOS Versions to Update Immediately

Apple today urged iPhone users who are running iOS 13 or iOS 14 to upgrade to iOS 15 to protect themselves from being hacked through malicious web content. In a support document, Apple highlights ...
abc4.com

Amazon planning to substantially cut number of packages sent through USPS

(NewsNation) — Amazon announced this week it is planning to make substantial cuts to the number of packages it ships through the U.S. Postal Service. Amazon is aiming to cut the shipments by at least ...
CBS News

Pete Hegseth says U.S. will hit Iran with its "largest strike package yet"

Defense Secretary Pete Hegseth said Thursday that there will be the "largest strike package yet" in the Iran war after Israel struck an Iranian gas field and Iran retaliated across the region. Hegseth ...
The Hacker News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat ...
The Verge

PSA: Hackers can raid iOS 18 with an infected link

The ‘DarkSword’ attack technique can covertly steal messages, contacts, saved credentials, cryptocurrency wallets, and more on iPhones running iOS 18.4 to 18.6.2. The ‘DarkSword’ attack technique can ...