Modern PDF platforms can now function as full attack gateways rather than passive document viewers.

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

The story of Otto and Friedel Kuehn and their children defies belief. In the 1920s, Otto was an often-failed-but-finally successful businessman living in Germany; Friedel had delivered two children, ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

The hackers use fake CAPTCHA pages—which are designed to mimic standard security checks—to trick users into installing malicious software (“Stealthy StealC Information Stealer”) via keyboard commands.

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...

By now, nearly everyone has had a whack at Conservative MP Jamil Jivani’s bizarre solo diplomatic mission to Washington.

Ten states now have statewide policies prohibiting law enforcement officers from cooperating in the primary programs Trump is ...

While the overwhelming majority of Democrats still feel good about their party, they're much less positive than they've been in the past.