News

Update now! Chrome security vulnerability is being exploited
Google updated its Chrome web browser on Wednesday night. The update also closes a vulnerability that had already been exploited.
Update Chrome now to avoid a newly found zero-day vulnerability
Yesterday's security update for Chrome eliminates another browser vulnerability that's already being exploited for attacks in ...
Legit Security Launches Advanced Code Change Management & Protection to Deepen AppSec Visibility & Remediation
Legit Security, a global leader in AI-native application security posture management (ASPM), today announced enhanced capabilities for significant code change and workflow orchestration within its ...
SecurityWeek1d
Threat Actors Use SVG Smuggling for Browser-Native Redirection
The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at runtime. The decrypted code reconstructs a redirect command and builds a ...
Infosecurity Magazine1d
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
Once opened in a browser, the code decrypts a secondary payload using a static XOR key and then redirects the user to an ...
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after ...
Google fixes another Chrome security flaw being actively exploited
Chrome users need to update their browsers immediately as Google addresses a critical vulnerability that hackers are actively ...
The Hacker News5d
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
A critical vulnerability in mcp-remote (CVE-2025-6514) allows remote code execution, affecting 437,000+ users.
Windows 11 now uses JScript9Legacy engine for improved security
Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy ...