The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
GitHub

Frequently Asked Questions

Can I specify a different PDF in the default viewer? By default we produce a non-translated/non-polyfilled build, intended for the latest browsers. However, we also ...
WeLiveSecurity

FrostyNeighbor: Fresh mischief and digital shenanigans

This blogpost covers newly discovered activities attributed to FrostyNeighbor, targeting governmental organizations in Ukraine. FrostyNeighbor has been running continual cyberoperations, changing and ...
The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been ...
theregister

Months-old Adobe Reader zero-day uses PDFs to size up targets

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising. Security ...
CSOonline

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Adobe Reader vulnerabilities have been exploited for decades by threat actors taking advantage of the universal use of the utility to fool employees into downloading infected PDF documents through ...
IEEE

GenProgJS: A Baseline System for Test-Based Automated Repair of JavaScript Programs

Abstract: Originally, GenProg was created to repair buggy programs written in the C programming language, launching a new discipline in Generate-and-Validate approach of Automated Program Repair (APR) ...
PC Magazine

Google Chrome vs. Mozilla Firefox: I Pit the Most Popular Browser Against the Best Open-Source Alternative

Google Chrome vs. Mozilla Firefox: I Pit the Most Popular Browser Against the Best Open-Source Alternative Chrome dominates the browser market with extenstive site compatibility and a wealth of ...
TechRadar

This new phishing kit turns PDF files into malware - here's how to stay safe

MatrixPDF phishing kit weaponizes PDFs using embedded JavaScript and redirect mechanisms It mimics legitimate tools, offering drag-and-drop import, content blur, and Gmail bypass features To stay safe ...
Bleeping Computer

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential ...
GitHub

embedpdf/embed-pdf-viewer

Try it now — load your own PDF or use the sample: ...
IEEE

Making JavaScript Render Decisions to Optimize Security-Oriented Crawler Process

Abstract: The widespread use of web applications requires important changes in cybersecurity to protect online services and data. In the process of identifying security vulnerabilities in web ...