Popular JavaScript library expr-eval vulnerable to RCE flaw

Published on November 10, 2025

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. [...]

Continue reading on website
Other news

5 reasons why attackers are phishing over LinkedIn

November 10, 2025
Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps and channels as users load malicious pages. [...]

Yanluowang initial access broker to plead guilty to ransomware attacks

November 10, 2025
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. [...]