Chainguard launches trusted collection of verified JavaScript libraries

Chainguard Libraries for JavaScript include builds that are malware-resistant and built from source on SLSA L2 infrastructure ...
Arabian Post on MSN

Browser Domains Under Threat from Hidden Extension Injection

A newly disclosed vulnerability allows threat actors to surreptitiously install arbitrary extensions on Chromium-based browsers within Windows domain environments, circumventing typical user alerts ...