Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...
The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...
Futurism

Malware Is Now Using AI to Rewrite Its Own Code to Avoid Detection

Researchers at Google have discovered that hackers are creating malware that can harness the power of AI during its execution ...

Gootloader malware returns with fake NDA scam - here's what we know

The Gootloader malware scam, which was thought to have been disrupted and shut down in March 2025, has returned with both old ...

Google spots malware in the wild that morphs mid-attack, thanks to AI

PROMPTFLUX: Experimental malware, a VBScript dropper with obfuscation, that abuses the Google Gemini API to dynamically rewrite its own source code. PROMPTLOCK: Another experimental strain of malware, ...