WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
AARPOpinion

Prices for Top Prescription Drugs Rise in U.S., Fall Abroad

A new AARP report finds top brand-name medications increase sharply in the U.S., while prices for the same drugs drop or hold ...

Packaging company files lawsuit against Neese’s Country Sausage over alleged unpaid bills

A packaging company has filed a complaint against Neese’s Country Sausage over alleged unpaid bills, weeks after the ...
AARP

AARP’s Favorite Books of 2026 (So Far)

AARP’s books editor shares her standout reads, including Ann Patchett’s ‘Whistler’ and new novels from Matt Haig and ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
TechRadar

An incredibly popular JavaScript library might have some worrying malware issues

CVE-2025-12735 in expr-eval allows remote code execution via unsafe input evaluation Vulnerable versions ≤2.0.2; patched in 2.0.3 and forked in expr-eval-fork 3.0.0 Developers should sanitize ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
TheStreet.com

Exclusive: 'We will see more attacks' Ledger CTO warns after NPM breach

A recent supply-chain attack on a widely used JavaScript developer account could have spread malicious code across the web, Ledger CTO Charles Guillemet warned in an interview with TheStreet ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Searchenginejournal.com

Google: Your Login Pages May Be Hurting Your SEO Performance

Google treats generic login pages as duplicate content. When multiple URLs redirect to the same basic login form, Google combines them into one result. Login pages could outrank your actual content.
Ars Technica

Adult sites are stashing exploit code inside racy .svg files

Dozens of porn sites are turning to a familiar source to generate likes on Facebook—malware that causes browsers to surreptitiously endorse the sites. This time, the sites are using a newer vehicle ...
SiliconANGLE

INKY warns of new QR code phishing tactic using embedded JavaScript

A new report out today from cybersecurity company INKY Technology Corp. is sounding the alarm over a new wave of phishing threats that use QR codes in increasingly dangerous and deceptive ways, ...