Cybernews

Flaw at major enterprise chatbot maker leads to cookie theft

Yellow.ai's customer service chatbot had a major security flaw that enabled cookie theft and account hijacking. The issue has ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishin…

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
The Hacker News

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Google releases critical Chrome update patching zero-day CVE-2025-10585, discovered Sept 16, to block active V8 JavaScript ...
TechSpot

Hackers are hiding malware in SVG images via fake Facebook posts

A hot potato: As more websites implement age verification checks, many users are migrating to smaller, less regulated sites – unintentionally increasing their risk of encountering malware.