CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).
The Hacker News

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the ...

Hide and sleek: Latest Vivaldi release can tuck its UI away until summoned

Browser maker Vivaldi has opened up a new front in the browser wars by making itself disappear.
The Caledonian-Record

‘High Potential’: Willa Quinn Targets Morgan With New Ally Tied to Captain Nick Wagner

High Potential‘s plot thickens as Season 2 continues on ABC with the arrival of Willa Quinn (Jennifer Jason Leigh) in Los Angeles. Along with revealing her ongoing effort to hide what happened to ...

Quadruple amputee and bean-bag-toss champion accused of fatally shooting passenger while driving

Webber was arrested hours later across state lines in Charlottesville, Virginia. He was the first quadruple amputee to ...

Amount of AI-generated child sexual abuse material found online surged in 2025

Internet Watch Foundation verified 8,029 pieces of realistic AI-made content, with 65% of videos in worst category ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
PCMag UK

Pornhub Is Now Blocked in 23 States and These 3 Countries. How to Watch Anyway

To protest age-verification laws, Pornhub is blocked in almost half of the US states, as well as Australia, France, and the ...

Australia’s pornography age-verification: a victory for advocates or a gateway to ‘darker corners of the internet’?

As users turn to VPNs to access sexual content, experts warn collection of information creates a ‘honeytrap’ for bad actors ...

Researchers found a way to steal data from Claude.ai using Google Ads

A legitimate Google ad could lead to data exfiltration through a chain of Claude flaws.
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Ai2 releases open-source visual AI agent that can take control of web browsers

Allen Institute for AI, a prominent Seattle-based nonprofit research organization working on advancing artificial intelligence models and systems, today launched a new open-source AI agent that can ...