WordPress users beware - GootLoader strikes again, using font hack to spread malware

In the new campaign, Gootloader was most likely leveraged by a group known as Storm-0494, as well as its downstream operator, ...
CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...
The Hacker News

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.

Amazon web services return to 'normal operations' after mass outage, tech giant says

More than 1,000 companies had 6.5 million reports of disruption, including Snapchat, Reddit, Roblox and Lloyds bank.

BrowserAct Enhances Web Scraping Reliability with Technology That Eliminates AI Hallucination

BrowserAct, a global automation company, has launched a major update to its intelligent web scraping and data-agent platform ...

3 Engineer-Approved AI Tools to Master ‘Vibe Coding’ — and 7 Steps to Use Them

"Vibe coding" appeared in early 2025 to describe the simple idea of programming with AI tools. So I tested a range of them — ...

No Chance for Token Theft: The Backend-for-Frontend Pattern

The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the ...

I love uBlock, but it’s not the first browser extension I install on my phone

Userscripts are no longer in vogue, but they're well worth using on your Android phone. Here's how I do it through Violentmonkey.

Email Threat Radar – November 2025

Over the last month, Barracuda threat analysts have seen the following notable developments in email-based threats targeting ...