1100万DLのYouTube広告ブロック拡張に「サーバー変更だけで任意 ...

Chrome拡張機能「Adblock for YouTube」について、「サーバー側の設定を1つ変更するだけでユーザーのブラウザ上で任意のJavaScriptをページ内で実行できる設計になっている」とエンタープライズブラウザ企業のIslandが指摘しました。Islandは悪意あるコードが実際に配信された形跡は確認していないとしたうえで、1100万件以上インストールされている拡張機能に危険な実行経路 ...

Families describe 'deep sense of anger' after review into mother and baby deaths at 'toxic ...

Staff reported a "bullying" culture at the hospital trust, while mothers were told to "pull themselves together" during ...
The Hacker News

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

FPJ Exclusive: Meet Nisarga, The 19-Year-Old Ethical Hacker Who Flagged Alleged CBSE Portal ...

Fresh concerns have emerged over CBSE’s online portal after a 19-year-old cybersecurity researcher alleged vulnerabilities ...