Kinetic Potential Blog

Japanese chip testing giant Advantest Corporation (TSE: 6857) has been targeted in a ransomware attack.

Advantest makes automatic test equipment for the semiconductor industry. It serves major chipmakers such as Intel, Samsung, and TSMC.

In a statement published on its website on Thursday, Advantest said it detected an IT network intrusion on February 15 and immediately activated incident response protocols.

The company has shared little information about the cybersecurity incident.

“Preliminary findings appear to indicate that an unauthorized third party may have gained access to portions of the company’s network and deployed ransomware,” Advantest said.

It’s unclear if the attackers exfiltrated any sensitive information from the company.

Researchers have identified more than a dozen vulnerabilities in popular PDF platforms from Foxit and Apryse, demonstrating how attackers could have exploited them for account takeover, data exfiltration, and other attacks.

The vulnerabilities were discovered by researchers at penetration testing startup Novee, which emerged from stealth mode in January 2026 with over $51 million in funding.

The findings were responsibly disclosed to Foxit and Apryse, and both vendors have patched the reported vulnerabilities.

Novee’s research targeted Apryse WebViewer and Foxit PDF cloud services. Apryse WebViewer, formerly PDFTron, is a JavaScript-based document SDK and UI component library that enables developers to embed viewing, annotation, editing, and conversion features directly into web applications and browsers.

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely.

The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live Preview.

"Our research demonstrates that a hacker needs only one malicious extension, or a single vulnerability within one extension, to perform lateral movement and compromise entire organizations," OX Security researchers Moshe Siman Tov Bustan and Nir Zadok said in a report shared with The Hacker News.

Details of the vulnerabilities are as follows -