The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.
The Caledonian-Record

H2O.ai H2OVL Mississippi models Shatter Milestone with Over One Million downloads monthly ...

H2O.ai, a pioneer in sovereign AI and the world’s leading agentic, highly accurate predictive AI company, today announced its ...
XDA Developers on MSN

I've been vibe-coding my own Chrome extensions, and I can't stop

More fun than it should be, honestly.

Marketeam.ai Redefines Chat Interface: Agents Now Architect and Compile Custom JavaScript ...

Marketeam.ai is building the first Integrated Marketing Environment (IME) - think of it like an IDE for marketing, but proactive. Instead of fragmented tools and dashboards, it runs marketing as a ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...
Security Boulevard

Fake Pudgy World site steals your crypto passwords

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.