The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Lablab.ai

Perplexity Computer: Stop Prompting, Start Delegating

A practical guide to Perplexity Computer: multi-model orchestration, setup and credits, prompting for outcomes, workflows, ...

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Finding hijacked subdomains is straightforward. People need only enter site: [university].edu “xxx” or site: [university].edu ...
XDA Developers on MSN

I built a local LLM server I can access from anywhere, and it uses a Raspberry Pi

It may not replace ChatGPT, but it's good enough for edge projects ...