New macOS ClickFix attack silently mounts DMGs to push infostealer

A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from ...
The White House

Fact Sheet: President Donald J. Trump Secures the Nation Against Advanced Cryptographic Attacks

In June 2025, President Trump signed an Executive Order to strengthen the Nation’s cybersecurity by focusing on critical ...

FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
The White House

SECURING THE NATION AGAINST ADVANCED CRYPTOGRAPHIC ATTACKS

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered: Section 1.  Background ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...