The Hacker News

New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

The vulnerability works on Google Chrome and all web browsers that run on Chromium, which includes Microsoft Edge, Brave, ...
CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
The Hacker News

ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands

The extension, which uses JavaScript to overlay a fake sidebar over the legitimate one on Atlas and Perplexity Comet, can trick users into "navigating to malicious websites, running data exfiltration ...