ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
MIT Technology Review

The Download: AI’s role in the Iran war, and an escalating legal fight

Much of the spotlight on AI in the Iran conflict has focused on models like Claude helping the US military decide where to strike. But a wave of “vibe-coded” intelligence dashboards—and the ecosystem ...
XDA Developers on MSN

I automated my downloads folder with one script, and it hasn't needed attention since

One simple Python script transformed my chaotic downloads folder into a well-organized haven, eliminating the need for manual ...

What Is ActiveX? How It Works and Ensures Computer Security

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.
PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
GitHub

Barrel file removal tool for JavaScript & TypeScript projects (ESM-only).

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.

If you’re into AI coding, OpenAI just puts its Codex on Windows

OpenAI has launched its Codex app on Windows, bringing a native AI coding assistant with project management, automations, and WSL support for developers.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Chrome Gemini panel became privilege escalator for rogue extensions

Security boffins have discovered a high-severity bug in Google Chrome that allowed malicious extensions to hijack its Gemini Live AI panel and inherit privileges they were never meant to have. The ...
GitHub

aria2 - The ultra fast download utility

aria2 is a utility for downloading files. The supported protocols are HTTP(S), FTP, SFTP, BitTorrent, and Metalink. aria2 can download a file from multiple sources/protocols and tries to utilize your ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...