JavaScript Library Framework

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

The Next Web

Henrique Schmaiske and the human work behind Meteor 3.0

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...

InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

The Caledonian-Record

Hong Kong Artist Wallace Woo Ends Western Abstract Hegemony with ‘Geological Abstractionism’ — The Territory’s First Complete Aesthetic System

HONG KONG SAR & NEW YORK, UNITED STATES - Media OutReach Newswire - 9 June 2026 - The contemporary art world is witnessing a profound paradigm shift. Following his Paris ...

10d

Show inaccessible results