TECH NEWS

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

Including npm packages in software development projects saves but can introduce unseen but known vulnerabilities.

CVE Lite CLI is a lightweight command line security scanner that operates on lockfiles during software development. It focuses on JavaScript and Typescript files and is an OSV-powered dependency scanner supporting npm, pnpm and Yarn.

It is an open source tool developed by Sonu Kapoor, now community supported and recently adopted as an OWASP Incubator Project.

Kapoor has been a software developer for 25 years and has experienced and understands all the frustrations and delays in the secure software development process. It is these frustrations and delays that CVE Lite CLI is designed to ease.

“Each project you build doesn’t simply contain your own code. It pulls in hundreds of open source packages. Each of those packages might pull in other packages with their own dependencies, until a typical JavaScript project might involve thousands of...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://hackster.imgix.net/uploads/attachments/1963575/_QKdHM6QFVD.blob?auto=compress%2Cformat&w=600&h=450&fit=min

UncleStem's AR Sandbox Turns Kinetic Sand Into a Live Topographic Map

You probably know what a development sandbox is, but you’ve never seen one quite like UncleStem’s. After seeing a demonstration in which UCLA researchers used a depth-sensing camera and a digital projector to map real-time topographic data onto a physical box of sand, UncleStem decided to build a

https://image.theregister.com/4094206.jpg?imageId=4094206&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Yet another Cisco SD-WAN 0-day under attack, and no patch in sight

Good luck, sys admins The threat is real. Unknown miscreants are exploiting a high-severity, zero-day bug in Cisco’s SD-WAN management software, and the networking giant hasn’t said when it will patch the flaw. Cisco issued an advisory on Thursday for the Catalyst SD-WAN Manager vulnerability, tracked as CVE-2026-20245,

https://i.extremetech.com/imagery/content-types/04tj69PVMW7ax06C6tFk74j/hero-image.fill.size_1200x675.png

Nintendo Confirms EU‑Only Switch 2 Revision With User‑Replaceable Batteries

Nintendo has announced it will bring a new version of the Switch 2 to the European Union with user‑replaceable batteries in the console and controllers. The new battery design is a response to one of the EU's e-waste reduction laws, which requires most portable devices to feature

https://www.zdnet.com/a/img/resize/38cdeaba4f189c9274d96aad7fa705126f89fe54/2026/06/05/3e888f3f-828c-4ffe-a7b3-4327712e6756/img-4708.jpg?auto=webp&fit=crop&height=675&width=1200

I cracked open a '1,000W' portable charger after it failed me in minutes - the cause was clear (and gooey)

Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways * Things that look "too good to be true" invariable are just that. * This example got dangerously hot in a short period of time before dying. * There's no legitimate charger that comes

Read more

UncleStem's AR Sandbox Turns Kinetic Sand Into a Live Topographic Map

Yet another Cisco SD-WAN 0-day under attack, and no patch in sight

Nintendo Confirms EU‑Only Switch 2 Revision With User‑Replaceable Batteries

I cracked open a '1,000W' portable charger after it failed me in minutes - the cause was clear (and gooey)