Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in ...
ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
InfoWorld

Chainguard offers malware-resistant JavaScript libraries

Responding to recent NPM malware attacks, Chainguard Libraries for JavaScript seeks to address security vulnerabilities in ...
MediaNama

Why CERT-In Is Warning Startups and IT Companies About Dune-Inspired Malware ‘Shai-Hulud’

CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...

Starmer vows to protect Jewish communities after Manchester attack

The prime minister said Britain must defeat antisemitic hate, as the King, religious leaders and politicians issue statements ...
CSO Online

That innocent PDF is now a Trojan Horse for Gmail attacks

Researchers at security company Varonis have uncovered a crafty new Gmail phishing attack that not only masquerades as a PDF attachment, but automatically prompts victims to open it. The MatrixPDF ...

Two dead in Manchester synagogue attack, with suspect also believed to have been killed - police

The suspect was shot by police, who say his condition cannot be confirmed due to "suspicious items on his person". A bomb disposal unit is at the scene.
Infosecurity Magazine

Gemini Trifecta Highlights Dangers of Indirect Prompt Injection

The first indirect prompt injection vulnerability affects Gemini Cloud Assist: a tool designed to help users understand ...

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into ...
The Hacker News

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

The campaign has been codenamed EvilAI by Trend Micro, describing the attackers behind the operation as "highly capable" ...
AARP

Study Finds Menopause Drug Relieves Hot Flashes, Improves Sleep

A new study shows a nonhormonal medication lowered the frequency and severity of hot flashes while improving sleep and mood, ...

Update Chrome now: Google patches new zero-day threat

Chrome faces its sixth zero-day attack in 2025 as Google patches critical V8 engine flaw CVE-2025-10585 discovered by Threat ...