CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...
The Hacker News

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and ...
InfoQ

DuckDB's WebAssembly Client Allows Querying Iceberg Datasets in the Browser

DuckDB has recently introduced end-to-end interaction with Iceberg REST Catalogs directly within a browser tab, requiring no ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...