Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Marshall Project

Journalists: New Data to Investigate the Consequences of Hospital Drug Testing at Childbirth

We collected child welfare data in 21 states to report on the consequences of faulty drug tests for pregnant women, including referrals to law enforcement.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access ...

Groovy! Dive into the world’s largest online slang dictionary

In 1993, Green started compiling 500 years of English slang by sifting through mountains of primary sources. The culmination ...
InfoQ

How WebAssembly Components Enable Safe and Portable Software Extensions

ABI and scripting to the Wasm Component Model (WASI Preview 2). He shares how to build secure plugin systems that run at near ...
GitHub

mark-friedman/scheme-js

An implementation of the Scheme R7RS-Small standard in JavaScript, designed for correctness, extensibility, and deep JavaScript interoperability. After running npm run build, you can use the ...