The countries that have social media bans, or are planning to implement one

It's been four months since Australia banned under-16s from using social media, and ever since, a growing number of countries ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
GitHub

[email protected] and [email protected] are compromised

Most likely, a maintainer's GitHub and npm accounts are compromised as these issues are getting deleted. I have also reported this as a vulnerability, so that a CVE can be generated.

Official White House app allegedly with extensive tracking functions

The White House app requests extensive permissions on Android. A technical analysis also raises data protection and security ...