GitHub

YC Serverless Functions websocket tunnel/proxy

A TCP and WebSocket tunnel via YC (using Serverless Functions and API Gateway, and there's also an experimental branch that uses QUIC protocol mechanics over WS) to bypass Russian internet censorship ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
BBC

Client-side scripting using JavaScript

The client is the computer system (including tablets and mobile devices) that is running the web browser. Client-side scripts are interpreted by the browser and executed on the client system.
GitHub

Chi-Square/portfolio-obfuscator

AI tools are incredibly powerful for portfolio analysis, but pasting raw holdings exposes your exact positions, account numbers, wallet addresses, and net worth. portfolio-obfuscator gives you ...