Hackers breached Toptal’s GitHub account to publish 10 malicious npm packages with destructive payloads, leading to 5,000 downloads. The incident highlights growing threats in software supply chains and open-source ecosystems.
Security researchers have discovered a serious vulnerability in Google Gemini for Workspace that allows attackers to inject hidden commands into emails, leading to convincing phishing attempts—all without links or attachments.
Let’s Encrypt has issued its first IP address certificate, expanding HTTPS access for users without domains and advancing secure internet infrastructure.