SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Nominations Open: Best Government Institution for Service Excellence 2026

The Global Banking & Finance Review Awards programme has officially opened nominations for Best Government Institution for ...

No. 1 Jannik Sinner beats rising star Rafael Jódar in Madrid and declares ‘what a player’

World No. 1 Jannik Sinner proved too much for Rafael Jódar, the latest tennis sensation from Spain. Jódar’s run was halted by ...

American Hailey Baptiste saves 6 match points to stun world No. 1 Aryna Sabalenka at Madrid Open

American Hailey Baptiste has earned the biggest win of her career by saving six match points and beating world No. 1 Aryna Sabalenka in the quarterfinals of the Madrid Open.

Cross-platform development: React Native 0.85 gets new animation backend

The open-source framework introduces an experimental animation backend and outsources the Jest testing framework into its own package.
Bleeping Computer

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and ...
IEEE

GenProgJS: A Baseline System for Test-Based Automated Repair of JavaScript Programs

Abstract: Originally, GenProg was created to repair buggy programs written in the C programming language, launching a new discipline in Generate-and-Validate approach of Automated Program Repair (APR) ...