News

World news, science, and stories that matter

Phishing Attack Compromises npm Packages

Major npm packages hijacked after a phishing campaign steals maintainer tokens—a new round of supply chain malware targeting open source software users and developers.

newssecurityJul 21, 2025

Google Chrome Users Face Critical Sandbox Escape Threat

Critical Chrome zero-day CVE-2025-6558 allows sandbox escape attacks via malicious webpages. Update to version 138.0.7204.157 immediately to prevent system compromise.

newssecurityJul 20, 2025