The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

What's behind Cipher Digital stock rally: $810M debt offering meets BTC bounce

Cipher Digital (CIFR) plans $810M senior secured notes to fund Stingray data center, boost reserves and reimburse equity—see ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Next Web

Cipher Digital raises $810 million in junk bonds to build another Amazon data centre in Texas

Cipher Digital is selling $810M in high-yield bonds to fund its Stingray data centre in West Texas, leased to Amazon for 15 years, at a yield of 6.25%.
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
GitHub

Simple, robust, BitTorrent wire protocol implementation

Node.js implementation of the BitTorrent peer wire protocol. The protocol is the main communication layer for BitTorrent file transfer. Also works in the browser with browserify! This module is used ...
note

JavaScript: The Labyrinth of Type Coercion

If you have ever worked with JavaScript, you have likely held your head in your hands at least once, wondering, "Why does it do that?!" The cause of this is often JavaScript's powerful (and sometimes ...
GitHub

malicious_powershell_process_with_obfuscation_techniques.yml

description: The following analytic detects PowerShell processes launched with command-line arguments indicative of obfuscation techniques. It leverages data from Endpoint Detection and Response (EDR) ...