ZDNet

This NPM package with millions of weekly downloads has fixed a remote code execution flaw

A very popular NPM package called 'pac-resolver' for the JavaScript programming language has been fixed to address a remote code execution flaw that could affect a lot of Node.js applications. The ...
Threat Post

WPAD Flaws Leak HTTPS URLs

Sniffing HTTPS URLs with malicious PAC files gets easier with a new technique that exploits flaws in the Web Proxy AutoDiscovery protocol. LAS VEGAS — Researchers have found flaws in the Web Proxy ...