NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web ...
Bitdefender

Patch Your Browser! Google Addresses a Newly Exploited Security Flaw in Chrome’s V8 Engine

Google is rolling out updated versions of Chrome to the masses, signaling that attackers are exploiting a newly discovered ...
The Hacker News

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

The campaign has been codenamed EvilAI by Trend Micro, describing the attackers behind the operation as "highly capable" ...
InfoWorld

QR codes become the vehicle for malware in new technique

A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
BeInCrypto

A New Chrome Exploit Could Drain Your Crypto

A Chrome flaw in the V8 engine, CVE-2025-10585, let hackers execute code for wallet drains and private key thefts. Google ...
Infosecurity Magazine

npm Package Uses QR Code Steganography to Steal Credentials

A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...
GCN

Google fixes Chrome zero-day CVE-2025-10585

Google patches CVE-2025-10585, the sixth Chrome zero-day exploited in 2025, affecting V8 JavaScript engine with type ...

10 ChatGPT Codex secrets I only learned after 60 hours of pair programming with it

Pair programming with ChatGPT Codex for a week exposed hard-won lessons every developer should know before trying it.

How 'BMX in a wheelchair' became an online sensation

WCMX - short for wheelchair motocross - is the para-sport taking social media by storm. So what is it, and what is its future ...