The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
InfoWorld

Google Protocol Buffers flaw turns schemas into shells

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Wall Street Journal

Operation Epic Fury: The Bombers the U.S. Is Using to Strike Iran

WSJ’s Shelby Holliday breaks down the types of long-range bombers the U.S. has deployed. Photo: DVIDS ...