The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Months-old Adobe Reader zero-day uses PDFs to size up targets

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.
Silicon Canals

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open ...

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...
TechTargetジャパン

「放置されたOSS」が招く“第2のLog4j”の恐怖 文化を守る4つの生存 ...

数年以上更新のないOSSを用いている商用ソフトウェアが大量に出回っている。開発者の意欲が削がれ、保守が止まったOSSは「第2のLog4j」のような深刻な脆弱性を生む。AI時代にOSSを救うための4つの処方箋とは。