The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
GitHub

This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.

While assessing a web application, it is expected to enumerate information residing inside static files such as JavaScript or JSON resources. This tool tries to help with this "initial" recon phase, ...