The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

What's behind Cipher Digital stock rally: $810M debt offering meets BTC bounce

Cipher Digital (CIFR) plans $810M senior secured notes to fund Stingray data center, boost reserves and reimburse equity—see ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Next Web

Cipher Digital raises $810 million in junk bonds to build another Amazon data centre in Texas

Cipher Digital is selling $810M in high-yield bonds to fund its Stingray data centre in West Texas, leased to Amazon for 15 years, at a yield of 6.25%.

Cipher Digital Inc. Announces Proposed Offering of $810.0 Million of Senior Secured Notes

Cipher Digital Inc. (NASDAQ: CIFR) (“Cipher” or the “Company”) a leading developer, owner, and operator of industrial-scale data centers, today announced that its wholly-owned subsidiary, Stingray ...
SecurityWeek

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...