Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Windows 11 cumulative updates KB5083769 & KB5082052 released

Microsoft has released Windows 11 KB5083769 and KB5082052 cumulative updates for versions 25H2/24H2 and 23H2 to fix security ...

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...
PCMag

I Put 4 Windows Debloating Tools to the Test. The Results Were Embarrassing

Debloat tools claim to make Windows 11 more efficient by removing unnecessary processes and freeing up RAM. In practice, that ...
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

ChromeOS Flex gets a $3 USB installer to revive aging Windows PCs

Google has partnered with Back Market, a company specializing in refurbished tech products, to bring ChromeOS Flex to even ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Windows Central

Microsoft just made a command line version of the Microsoft Store for Windows 11 — install and update your apps without a GUI

Microsoft has announced the Store CLI, a command-line interface for managing and installing Windows apps from the Microsoft Store. It's similar to WinGet, except the Store CLI only works for apps that ...