Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

The White House launched its own app with a glaring privacy issue

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

The countries that have social media bans, or are planning to implement one

It's been four months since Australia banned under-16s from using social media, and ever since, a growing number of countries ...
GitHub

n8n Ultimate JSON Functions Cheat Sheet

{{ .fieldName }} // Get field from current item +{{ ["field with spaces"] }} // Field names with spaces/special chars +Stop searching through documentation! This ...

Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.

Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...
WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...
The Hacker News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple ...

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...
The Escapist

Here’s how to access World of Warcraft’s Midnight’s starting quest, and be ready for launch later

World of Warcraft Midnight Expansion is upon us, with Xal’atath’s forces now marching upon the home of the Blood Elves. When the Midnight’s release time finally arrives, players will be on their way ...