InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
The New Yorker

The Dark Side of Congo’s Cobalt Rush

In June, 2014, a man began digging into the soft red earth in the back yard of his house, on the outskirts of Kolwezi, a city in the southern Democratic Republic of the Congo. As the man later told ...
CSO Online

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence.
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...