There are new available articles, click to refresh the page.

Before yesterdayNaked Security

Naked Security
Ghostscript bug could allow rogue documents to run system commands
July 4^th 2023 at 17:57

Ghostscript bug could allow rogue documents to run system commands

By Paul Ducklin

Even if you've never heard of the venerable Ghostscript project, you may have it installed without knowing.

Related tags
July 4^th 2023 at 17:57

Naked Security
S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]
September 1^st 2022 at 16:55

S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]

By Paul Ducklin

Latest episode - listen now!

Related tags
September 1^st 2022 at 16:55

Naked Security
JavaScript bugs aplenty in Node.js ecosystem – found automatically
August 30^th 2022 at 16:59

JavaScript bugs aplenty in Node.js ecosystem – found automatically

By Paul Ducklin

How to get the better of bugs in all the possible packages in your supply chain?

Related tags
August 30^th 2022 at 16:59

Naked Security
JavaScript developer destroys own projects in supply chain “lesson”
January 11^th 2022 at 00:54

JavaScript developer destroys own projects in supply chain “lesson”

By Paul Ducklin

Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.

Related tags
January 11^th 2022 at 00:54