Cybernews

Flaw at major enterprise chatbot maker leads to cookie theft

Yellow.ai's customer service chatbot had a major security flaw that enabled cookie theft and account hijacking. The issue has ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishin…

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
The Register on MSN

Google pushes emergency patch for Chrome 0-day - check your browser version now

Sixth such Chrome flaw this year spotted by the Chocolate Factory, already in play Google pushed an emergency patch for a ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...