AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

ChatGPT wants a do-it-all super app, but Apple will probably stand in the way

OpenAI is working on a project to consolidate ChatGPT, coding tools, and a browser into one app. Apple's iOS platform restrictions will prevent it from becoming a true all-in-one platform on the ...
The Caledonian-Record

H2O.ai H2OVL Mississippi models Shatter Milestone with Over One Million downloads monthly - Launching Momentum into GTC 2026

H2O.ai, a pioneer in sovereign AI and the world’s leading agentic, highly accurate predictive AI company, today announced its ...
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

Failure to reform WTO may prompt some countries to seek other free-trade options

Failure to chart a viable reform path for the World Trade Organization at a meeting next week will nudge members to pursue ...
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.

Check Your iPhone Settings Now: Apple Releases First-Ever ‘Background’ Security Patch

This is the first Background Security Improvement from Apple. Here’s how to make sure your iPhone installs it right away.

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.