News

6 browser-based attacks all security teams should be ready for in 2025

The browser is now the frontline for cyberattacks. From phishing kits and ClickFix lures to malicious OAuth apps and ...

Bad news - your web firewall may definitely not be as resilient as you may have thought

Web Application Firewalls (WAF) are not as resilient as organizations were led to assume, and can often be bypassed to inject malicious JavaScript code, experts have warned. Security researchers ...
Security Boulevard

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...

New “ModStealer” Malware Targets Crypto Wallets, Evades Antivirus Detection

A new cross-platform malware named “ModStealer” actively targets crypto wallets while remaining undetected by major antivirus ...
CSO Online

Phishing kit Salty2FA washes away confidence in MFA

The newly surfaced Salty2FA phishing kit shows attackers can sidestep multi-factor authentication by cloaking attacks in ...

After 20 years working in Canada’s cultural sector, I can finally speak out without fear

The cultural world is full of enforcers: art schools, universities, arts associations and provincial and federal funders. All ...
Developer Tech

Escalating npm supply chain malware attack drains crypto wallets

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain crypto wallets.
TechAnnouncer

Mastering LeetCode JavaScript: A Comprehensive Guide for Beginners

Starting with Easy LeetCode JavaScript Problems. LeetCode sorts its problems into Easy, Medium, and Hard. As a beginner, ...