#JavaScript Security
2 posts
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution A newly disclosed protobuf.js issue deserves attention well beyond the JavaScri...
April 19, 2026
5 min read
Lucas Oliveira
Research
Axios npm compromise pushed a cross-platform RAT through a fake dependency
Axios npm compromise pushed a cross-platform RAT through a fake dependency A compromise of the widely used axios package on npm shows why defenders cannot rely...
April 1, 2026
5 min read
Lucas Oliveira
Research