1. Angular HTTP Client XSRF Token Leakage Vulnerability Triggers Urgent Four-Version Security Patch
Google's Angular framework has released emergency security updates addressing a critical cross-site request forgery (XSRF) token leakage flaw in the HttpClient module. Tracked as CVE-2025-66035 (GHSA-58c5-g7wp-6w37), the vulnerability stems from how Angular's HTTP client handles protocol-relative URLs—web addresses tha...