The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Android

Billions of Microsoft Apps Users Were Left Vulnerable to Account Hack: Here's How

Security researchers at Enclave have detailed “FlagLeft,” a critical vulnerability affecting six Microsoft 365 apps on Android, including Word, Excel, and Copilot. The issue stemmed from a single ...