InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’ ...
GitHub

reverse-engineering-tools

A comprehensive collection of Frida scripts and Python tools for Android dynamic analysis. Includes PoCs for bypassing SSL pinning, root detection, obfuscation, and client-side cryptographic integrity ...