Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
The Hacker News

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

SmartLoader campaign spreading StealC via a trojanized Oura MCP server using fake GitHub forks to steal credentials and crypto funds.
CSO Online

Leaky Chrome extensions with 37M installs caught divulging your browsing history

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.
InfoQ

Chrome 144 Ships Temporal API: Advancing JavaScript Date/Time Standardisation

Chrome 144 introduces the groundbreaking Temporal API, revolutionizing date and time management in JavaScript. As a modern alternative to the criticized Date object, Temporal resolves parsing ...
DevPro Journal

Defending your dev business against the rise of deepfake social engineering

Discover how software development leaders can protect their firms from hyper-realistic deepfake impersonation attacks.