Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
GitHub

Cab Booking System — Java OOP Project

A fully-featured, console-based Cab Booking System built in Java that demonstrates 15 core Object-Oriented Programming concepts through a real-world ride-hailing simulation. The system covers ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...