GovInfoSecurity

Breach Roundup: Recently Patched Oracle Flaw Under Attack

This week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm ...

Popular JavaScript library can be hacked to allow attackers into user accounts

A popular JavaScript cryptography library is vulnerable in a way which could allow threat actors to break into user accounts.

The silent checkout threat: Card details stolen before you press ‘Submit’

Attackers implant JavaScript skimmers that run silently in your browser, capturing full card numbers, CVVs, names, email ...

Crypto Thieves Steal Solana via Hidden Chrome Extensions

Socket’s Threat Research Team has outlined all the details.