The Hacker News

Why Secrets in JavaScript Bundles are Still Being Missed

Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, revealing major gaps in traditional SAST, DAST, and ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.

Does llms.txt matter? We tracked 10 sites to find out

We analyzed llms.txt across 10 websites. Only two saw AI traffic increases — and it wasn't because of the file.

How a third-party data leak led to phishing attempts against Ledger users

A Global-e order data breach exposed limited Ledger customer details, enabling more convincing impersonation scams. Learn how ...