The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
Make Tech Easier

Use Pake to Turn Websites Into Desktop Apps — No Bloat, No Browser Dependency

Turn any website into a desktop app with Pake. Create fast, lightweight apps without browser dependency or bloat.
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
InfoWorld

Local-first browser data gets real

Wasm, PGlite, OPFS, and other new tech bring robust data storage to the browser, Electrobun brings Bun to desktop apps, ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Hackaday

Simulating The AVR8 For A Browser-based Arduino Emulator

It’s always nice to simulate a project before soldering a board together. Tools like QUCS run locally and work quite well for ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
GIGAZINE

'Agent Zero' allows you to easily and freely use an AI agent to automatically operate browsers and files, and can also be used with ChatGPT, Claude, and Gemini.

An open source personal AI agent framework called ' Agent Zero ' has been released, which uses the OS as a tool to accomplish tasks by gathering information, executing code, and collaborating with ...
PCMag

LinkedIn Faces Spying Allegations Over Browser Extension Scanning

A German group claims LinkedIn is 'illegally searching' users' computers. But the Microsoft-owned site says it collects data ...
Kim Komando

Software and apps

Gmail. Google Maps. The App Store. Every one was dismissed like an absurd April Fools’ prank. Every one became unavoidable. And every one came with a price tag nobody saw coming.