The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.

Malicious GhostPoster browser extensions found with 840,000 installs

Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge ...

An exploration of the extraordinary, Live to See the Day leaves you hoping for the impossible

Globe and Mail journalist Mark Medley’s book delves into stories of seemingly impossible goals from around the world ...