npm 12 Reduces Supply Chain Risk โ๏ธ, 130 Exploits Published ๐ฟ, Linux Distro Sabotage ๐ฃ
TLDR InfoSec
Retained excerpt
GitHub released npm 12 with install scripts, git dependencies, and remote URL installs turned off by default, forcing explicit approval ๐ ATTACKS & VULNERABILITIES A PUERTO RICO GOVERNMENT AGENCY EXPOSED 1M SOCIAL SECURITY NUMBERS (3 MINUTE READ) The government agency that collects property taxes in Puerto Rico accidentally exposed the SSNs of 1M people. The Municipal Revenue Collection Center maintains an interactive property map which shows the owner names, lot sizes, tax assessment, and sale price for every registered property on the island. Researchers discovered that while the map itself did not surface additional sensitive information, โanyone who understands how websites request dataโ could access unprotected personal information, including SSNs. DISCORD AI MODERATION GLITCH WRONGFULLY BANS 8K USERS IN 24-HOUR PERIOD (2 MINUTE READ) Discord acknowledged a severe glitch in its AI content moderation system that led to thousands of users being wrongfully banned. Discord hadโฆ
This limited excerpt is retained to explain the source trail. Rights remain with the original publisher.