The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

What Is ActiveX? How It Works and Ensures Computer Security

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.
Appuals

How to Fix Crashing and Freezing Problem in ARC Raiders?

ARC Raiders may crash, freeze, or close unexpectedly during startup, loading, or gameplay if it fails to initialize graphics drivers, memory, or core ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
Opinion
Security BoulevardOpinion

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.
GB News

Google rushes out release of an emergency security update for Chrome — update your ...

Google has released an emergency update to its popular Chrome web browser — and this is not an update that you can afford to delay. The US search firm released this emergency fi ...