JavaScript library downloaded 3m times a week exposes apps to hijacking via evil proxy configs
PAC mania A popular NPM code library called Pac-Resolver has been updated to eliminate a severe remote-code execution vulnerability. Developers who have incorporated the package into their applications should make sure to update their dependencies to be rid of the bug, and provide necessary updates to users to secure them....