CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
Hackaday

Satellite Snooping Reveals Sensitive Unencrypted Data

In an era where running a website without HTTPS is shunned, and everyone wants you to encrypt your DNS queries, you’d expect ...