Malicious code in @cloudplatform-single-spa/smk (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from insufficient policy enforcement in the Extensions API and affects the following products and versions: Chrome prior to 105.0.5195.52 Mac/linux and 105.0.5195.52/53/54 Windows...