Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...
GitHub

JSON.stringify is not per spec / mismatches other engines on empty objects when padding is used

This also happens regardless of state.[[Gap]] (and state.[[Indent]]) which affects only only step 10. "Else" and elements in step 8 (of which there are none here). I encountered this in snapshot ...