InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
SecurityWeek

Next.js Creator Vercel Hacked

Vercel confirms that is has suffered an intrusion after a hacker offered to sell data allegedly stolen from the company’s ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...