SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Browser-based attacks hit 95% of enterprises — and traditional security tools never saw them coming

Omdia research shows 95% of organizations faced browser-based attacks last year. CrowdStrike's CTO and Clearwater Analytics' ...
The Indiana Lawyer

Firing squad, gas execution methods move out of Indiana House committee

Firing squad and nitrogen hypoxia would be allowed alongside lethal injection to carry out Indiana’s death penalty under a ...
IEEE

WAF: An Efficient WebAssembly-Based Execution Environment for User-Defined Functions

Abstract: User-Defined Functions (UDFs) have long served as the standard method for extending the capabilities of data management systems. With the advent of WebAssembly (WASM), UDFs' dependencies, ...