CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.

AI agent tools aren’t ready for the real world yet, new study finds

The authors argue that today’s agentic AI platforms are closer to experimental infrastructure than finished products.

What the new finfluencer guidance means for firms and content creators

The guidance covers the types of content or statements that could stray into providing targeted advice and be subject to ...

In The B2Ai Era Agent Experience Is Rewriting The Marketing Playbook

Agent experience (AX) is the new competitive advantage in the era of AI. Learn how B2Ai commerce is transforming marketing ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors ...