Bleeping Computer

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...
The New York Times

New York Times - Top Stories

Trump Is Pushing the U.S.-Europe Alliance Onto a Precipice As President Trump tries to coerce European leaders over Greenland, they are pondering the unthinkable: Is an 80-year-old alliance doomed? 4 ...
dbta

Database Management

Delinea, a provider of solutions for securing human and machine identities through centralized authorization, is acquiring StrongDM, a universal access management company purpose-built for modern ...
GitHub

Cadmium CMS has a background arbitrary file upload vulnerability

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...