The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
InfoWorld

8 cutting-edge web development tools you don’t want to miss

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

How to Cut AI API Costs by 80%: AI.cc Publishes Step-by-Step Token Optimization Guide for ...

SINGAPORE, SINGAPORE, SINGAPORE, May 28, 2026 /EINPresswire.com/ -- Free guide draws on analysis of 2.4 billion API ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
Tom's Hardware on MSN

Researchers say they can spy on your browsing by measuring SSD activity through a browser API

FROST exploits the Origin Private File System (OPFS), a browser API that lets websites create and store files on a user's local disk.
GitHub

botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
GitHub

apacheli/discord-api-libs

A curated list of open-source libraries for interacting with Discord's API. Something off? Want to contribute? Take a peek at our contributing guide.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...