CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated.
CoinTelegraph

Near patches critical bug that could crash every node on the network

Researchers found a vulnerability in NEAR’s peer-to-peer networking protocol that could have crashed any node, but it was patched before an attacker could discover it. The smart contract platform Near ...