Graham Cluley

Update now! Bug means large PAC files can crash Android phones

A security hole allows attackers to crash Android phones and force them to soft-reboot. Discovered by Nightwatch Cybersecurity software engineer Yakov Shafranovich, the bug hinges on what are known as ...
Ars Technica

NPM package with 3 million weekly downloads had a severe vulnerability

Popular NPM package “pac-resolver” has fixed a severe remote code execution (RCE) flaw. The pac-resolver package receives over 3 million weekly downloads, extending this vulnerability to Node.js ...
ZDNet

This NPM package with millions of weekly downloads has fixed a remote code execution flaw

A very popular NPM package called 'pac-resolver' for the JavaScript programming language has been fixed to address a remote code execution flaw that could affect a lot of Node.js applications. The ...