AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
Windows Latest

Microsoft wants devs to build Electron AI apps on Windows 11, says no need of native code, despite RAM concerns

Microsoft reaffirmed its commitment to AI in Windows 11 and encouraged Electron developers to consider using AI in their apps ...
TweakTown

Elgato Stream Deck+ XL shown running the original DOOM game with controller

A developer has used OpenAI Codex to successfully port the original DOOM game over to Elgato's Stream Deck+ XL, and even a controller can be used.
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...

Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

Anyone can code now. What will you build?

See how anyone can build a working app or website in minutes — no coding skills required.
PCMag on MSN

Wikipedia forced to lock down edits over JavaScript that could delete pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

Longest Ballot Committee collecting signatures for potential candidates in Terrebonne by-election

A group that protests Canada’s electoral system by loading up ballots with the names of dozens of little-known candidates ...