New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
Decrypt

Moonshot AI's Kimi Work Brings 300 AI Agents to Your Desktop

Kimi Work lets an AI agent loose on your local files, your browser, and your schedule—without routing everything through the ...
MSN on MSN

CISA ordered agencies to patch the actively exploited MongoBleed flaw before attackers spread

Federal agencies that rely on MongoDB now face a hard deadline to fix a vulnerability that lets unauthenticated attackers read sensitive data straight from server memory. The Cybersecurity and ...
Spectrum News NY1

Ex-congressman, sex offender Anthony Weiner files papers for City Council run

Former Rep. Anthony Weiner is starting to plan a political comeback, filing paperwork with the city’s Campaign Finance Board to run for a City Council seat on Manhattan’s Lower East Side. Weiner went ...