Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
TechCrunch

North Korean hackers blamed for hijacking popular Axios open source project to spread malware

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Cosmopolitan

How to Master a DIY Pedicure, According to a Celebrity Manicurist

I leave my biweekly gel manicure to the pros. I love watching the manicurists create tiny works of art on my nails, especially since it’s a skill I could never replicate at home. But a DIY pedicure?