The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Experts exploited an XSS flaw in StealC’s admin panel, exposing operator sessions, system details & stolen cookies without ...
Cyber Daily

Cisco addresses Unified Communications vulnerability as active exploitation underway

Remote code execution vulnerability CVE-2026-20045 is considered critical by the vendor, as the US cyber agency adds the vulnerability to its KEV catalogue.
PCQuest on MSN

Using Chrome? Google says update now to avoid new security risks

Google has rolled out a new Chrome update after identifying multiple security gaps in an earlier version of its browser. The vulnerabilities affect Chrome 143 and users across Windows, macOS, and ...