Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Bleeping Computer

Hackers exploiting Acrobat Reader zero-day flaw since December

Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. The attacks have been discovered by security researcher Haifei ...
TechCrunch

Adobe launches Acrobat-based Student Spaces, a free AI-powered study tool for students

Adobe Acrobat has largely catered to professionals with its recent AI features. Now, the company is turning its attention to students by making Acrobat more useful with the launch of a new AI tool ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL ...
Deadline.com

‘Scream 8’: Zuckerman Sisters Writing Script As ‘Scream 7’ Sets Franchise Record With $200M+ WW

EXCLUSIVE: Spyglass is developing the eighth installment of the Scream franchise with Lilla and Nora Zuckerman writing. The Zuckerman sisters most recently served as showrunners for the hit Peacock ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.