Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Google student researcher 2026 applications close on March 31, direct link to apply here

Google Student Researcher 2026: Selected students will be responsible for conducting research to develop solutions for ...
The Globe and Mail

Why some companies must kill their own products

When the first wave of AI-powered work software hit the market, entrepreneur Aydin Mirzaee realized the days were numbered for Fellow, his meeting management company. “We told everybody that for the ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Last Chance To Apply For Google Student Researcher 2026: Application Ends Tomorrow For Google Cloud, DeepMind, And Google Research

The Registrations for Google's Student Researcher 2026 program will conclude tomorrow, on March 31, 2026. Students enrolled in bachelor's, master's, or doctoral programs can apply via the Google ...
The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.

Hopper to run Avion travel rewards program for RBC

Hopper Inc. became one of Canada’s largest private technology companies by selling its online travel products and services to ...
NetEye Blog

Vue 3 PWAs are great, until they bite

This is more about what happens when you try to make a Vue 3 PWA behave well in real life, on a complex multi-faceted application. Vue 3 gives you the reactivity model and composition primitives that ...