Skip to content
Security News, Assessments & Alerts

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build… 

Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. “At Balochistan Police, the compromised… 

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Ravie LakshmananJul 11, 2026Vulnerability / Email Security Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has… 

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

Ravie LakshmananJul 10, 2026Software Supply Chain / Malware Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet… 

Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Swati KhandelwalJul 10, 2026Enterprise Security / Security Incident Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to… 

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside data-center servers. Four of the… 

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Ravie LakshmananJul 10, 2026AI Security / Vulnerability Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary…