The Hacker News

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian-linked APT28 ran credential-harvesting attacks in 2025 using fake Microsoft, Google, and VPN login pages, PDF lures, ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...