The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Modern PDF platforms are becoming high-risk attack surfaces

Modern PDF platforms can now function as full attack gateways rather than passive document viewers.
Security Boulevard

Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and ...
The Hacker News

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

New defence industrial strategy will jump-start investment, sector leaders and analysts say

They also fit into multiple priority areas identified in the new defence strategy, including marine sensors and autonomous ...

Glen Powell is deathly dull in How to Make a Killing

But if that cast sounds suspiciously close to an alt-universe Knives Out sequel, you’re unfortunately not far off: How to Make a Killing is a Rian Johnson-lite concoction that is neither all that ...