Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
Analytics Insight

Best Open-Source Projects That Will Lead in 2026

Overview: Open-source now drives AI, cloud efficiency, and developer productivity.Projects with strong communities outperform ...
GitHub

element-software/verisure_api

securitas-direct-api/ ├── src/ │ ├── lib/ # Core library │ │ ├── client.ts # Main API client │ │ ├── types.ts # TypeScript interfaces │ │ ├── constants.ts # API endpoints & constants │ │ └── index.ts ...
The Hacker News

ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

Weekly cybersecurity roundup covering exploited vulnerabilities, malware campaigns, legal actions, and nation-state attacks ...
GitHub

A JavaScript library that converts standard HTTP URLs (YouTube, LinkedIn) into Native Mobile Deep Links (Custom Schemes & Android Intents).

This package is currently in active development and may not work as expected. Use at your own risk. Breaking changes may occur in future versions. The goal of this project is to provide a lightweight, ...