1. pnpm v10 Update Addresses Critical Global Cache Poisoning Vulnerability (CVE-2024-53866)
A major update to the pnpm package manager addresses a critical security flaw that could allow attackers to poison the global cache and bypass script execution safeguards. The vulnerability, tracked as CVE-2024-53866 (GHSA-vm32-9rqf-rh3r), stems from a mishandling of workspace overrides and the global cache, creating a...