The Hacker News

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.
MUO on MSN

Yes, you can get malware just by visiting a website

It's not even your browser's fault.

This clever Shortcut lets you download latest Artemis II images directly from NASA [U: updated shortcut]

Download full high quality Artemis II images with this easy to install and clever shortcut directly from NASA to your photo ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

NJ rep’s new bill would make Apple, Google verify users’ ages before kids could download potentially harmful apps

The bill “would be the only way at this point to truly prevent your child from accessing content you don’t want them to see,” ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
TechRadar

Popular JavaScript library can be hacked to allow attackers into user accounts

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate ...