The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...

Go Programming Language 1.26 Patches Several Security Flaws

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...
Cryptopolitan on MSN

Malicious Bitcoin npm packages spread NodeCordRAT malware before takedown

Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named NodeCordRAT. Reports say that they all got more than 3,400 downloads before ...
Hosted on MSN

No heat, no help: Toledo’s policy to stay out of code problems inside private property

TOLEDO, Ohio (WTVG) - People are likely cranking up the heat at home amid cold winter weather. But what happens when you have no heat in your apartment? 13 Action News spoke to several renters in ...
CNBC

Best mortgage lenders of January 2026

Interest in homebuying has been reinvigorated as mortgage rates come down from historic highs. In November 2025, home loan applications jumped 20% year‑over‑year, according to the Mortgage Bankers ...