IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...
Maintainer Jordan Harband writes on Bluesky that attackers had taken over the account of another project manager. Versions 3.3.1 ...
The RFC draft "OAuth 2.0 for Browser-Based Applications" highlights the extent of the problem: as soon as attackers can execute malicious JavaScript code in the application, they have virtually ...