MAL-2025-47142 Malicious code in @ctrl/torrent-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff09406779243d2fc9bc760936ed5d719341a950dcd013607c74fb31c9b437f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

A week in security (April 3 - 9)

Last week on Malwarebytes Labs: TikTok: Whats going on and should I be worried? Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer Big changes to Twitter verification: How to spot a verified account New macOS malware steals sensitive info, including a user's entire Keychain...

CVE-2020-13586

SoftMaker Office PlanMaker 2021 (Revision 1014) contains a memory corruption vulnerability in the Excel SST record 0x00fc. The parser allocates a fixed 0x6060-byte heap buffer for the SST data and then performs a memcpy using the record length read from the file, which can exceed the allocation (...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...