Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Hackaday

Desktop Digitizer Makes Note Capture A Breeze

While it might seem quaint these days, we’ve met many makers and hackers who reach for a pen and a pad when learning ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

PDF Warning—Adobe Reader Zero-Day Attack Ongoing Since 2025

Hackers have been exploiting an Adobe Reader zero-day vulnerability since December 2025; PDF users are warned.
Cybernews

Critical Adobe Reader zero-day lets PDFs steal files, may have been active for months

A newly discovered Adobe Reader zero-day vulnerability allows malicious PDF files to steal local data and potentially lead to ...

AI finds critical ImageMagick vulnerabilities in default configurations

An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer protection.
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
IEEE

Zebra: Efficient Redundant Array of Zoned Namespace SSDs Enabled by Zone Random Write Area (ZRWA)

Abstract: Zoned Namespace (ZNS) SSDs have emerged as a promising solution for eliminating device-level garbage collection and achieving predictable performance through the zone abstraction, which ...