Bleeping Computer

Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, ...
CSOonline

Critical flaw in OpenPGP.js raises alarms for encrypted email services

A newly discovered flaw in OpenPGP.js, a JavaScript cryptography library used by services like Proton Mail, could allow attackers to spoof messages that appear securely signed and encrypted, security ...
PC World

Software developers are failing to implement crypto correctly, data reveals

Despite a big push over the past few years to use encryption to combat security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures ...