Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Yahoo

Nancy Guthrie disappearance timeline: Key developments in the investigation as search approaches end of 2nd month

Add Yahoo as a preferred source to see more of our stories on Google. Nancy Guthrie's house in Tucson, Ariz. (Evan Garcia/Reuters) It’s been almost two months since Nancy Guthrie was reported missing ...
NBC News

Mysterious interstellar object '3I/ATLAS' makes its closest approach to Earth

NBC News' Gadi Schwartz reports on "3I/ATLAS," a mysterious outer space object that is thought to be billions of years old, making its closest approach to Earth, giving scientists an opportunity to ...
Mashable

A new Google tool actually lets you search videos for specific objects

The biggest stories of the day delivered to your inbox.