MIT Technology Review

Just pull a string to turn these tile patterns into useful 3D structures

Inspired by the Japanese art of kirigami, an MIT team has designed a technique that could transform flat panels into medical ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now.
GitHub

CVE-2025-69873

An attacker can inject a malicious regex pattern (e.g., "^ (a|a)*$ ") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU ...