The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The zero-day vulnerability in question is CVE-2025-10585 , which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine ... researcher mrd0x as a proof-of-concept ...

NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...