The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.
GitHub

Java enterprise application development framework for full scenario

700% higher concurrency 50% memory savings Startup is 10 times faster. Packing 90% smaller; It also supports java8 ~ java25, native runtime.
GitHub

adraynrion/gitlab-cr-agent

An enterprise-grade, AI-powered code review agent that integrates seamlessly with GitLab using PydanticAI. Automatically analyzes merge requests for security vulnerabilities, performance issues, code ...
The Hacker News

Passwd: A walkthrough of the Google Workspace Password Manager

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure ...