Apple Releases Safari Technology Preview 235 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...
The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Experts exploited an XSS flaw in StealC’s admin panel, exposing operator sessions, system details & stolen cookies without ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...

10 things I learned from burning myself out with AI coding agents

As independent AI researcher Simon Willison wrote in a post distinguishing serious AI-assisted development from casual “ vibe ...
InfoWorld

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain compromises — exploiting CI systems, ...
Communications of the ACM

Verification Debt: When Generative AI Speeds Change Faster Than Proof

A useful name for what accumulates in the mismatch is verification debt. It is the gap between what you released and what you have demonstrated, with evidence gathered under conditions that resemble ...

Malware scam: Job offers trick developers with malicious repositories

Developers now need to be careful with job offers. Criminals are trying to distribute infostealers through them.
SDxCentral

CrowdStrike tries browser security with second acquisition of the year

With the acquisition, CrowdStrike will merge Seraphic's browser runtime security capabilities with its flagship Falcon suite, ...