The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
MUO on MSN

6 Obsidian plugins that made me never look at another note-taking app again

Obsidian is good on its own, but these plugins made it even better for me.

Google’s Circle to Search Can Now Read Your PDFs and URLs to Get Full Context

Google upgrades Circle to Search with the "Ask about screen" feature, allowing it to analyze full PDFs and URLs to get the ...
New York Magazine

The 11 Very Best e-Readers

In the decade-plus that I’ve been using them, e-readers have become indispensable in my life. Unlike with paperbacks, an e-reader allows me to carry dozens of books in a fanny pack or backpack, and I ...
Macworld

Best PDF Editor for Mac (2026): Best tools for text edits, OCR & annotations

Many workplaces and educational institutions have completely switched from paper documents to digital ones. Consequently, Mac users are increasingly dealing with PDFs and other e-document file formats ...

Firefox 150 turns its PDF viewer into a real PDF editor

With Firefox’s latest version 150 update for Windows, macOS, and Linux, Mozilla has introduced few genuinely new features but some noteworthy improvements. The split view is easier to use, the ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
Forbes

Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware. Users urged to update now.
TechCrunch

Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months. The vulnerability, ...
theregister

Adobe finally patches PDF pest after months of abuse

Adobe has released a fix for an Acrobat and Reader zero-day that attackers had been exploiting for months. The patch, shipped on April 11, addresses CVE-2026-34621, a critical vulnerability in Acrobat ...
Bleeping Computer

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December. The flaw ...