Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Observer-Reporter

Two charged with burglarizing Peters Township self-storage facility

Two men from Allegheny County are accused of burglarizing a self-storage facility in Peters Township over the weekend and attempting to steal gold and jewelry before a woman caught them in the act and ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Omaha.com

Former Omaha LGBTQ+ activist pleads guilty in New York to stealing $99K in nonprofit funds

A former Omaha nonprofit leader pleaded guilty to allegations that she siphoned $99,000 from a New York nonprofit she briefly led. The funds were meant to pay bail for indigent people but were instead ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...