Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
The Hacker News

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Fake CAPTCHA IRSF scam sends up to 60 SMS messages since June 2020, exploiting 17 countries and costing victims $30 per ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
The New York Times

Chromebook Remorse: Tech Backlash at Schools Extends Beyond Phones

No more YouTube or video games on school laptops. Textbooks and pencils are back. Some seventh graders say they prefer learning offline. No more YouTube or video games on school laptops. Textbooks and ...