The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
Cybernews

Code that works can also be malware: this WhatsApp API is stealing messages

A malicious npm WhatsApp library with 56,000 downloads secretly stole messages, credentials, and contacts in a sophisticated ...
Windows LatestOpinion

JavaScript creator warns against “rushed web UX over native” as Windows 11 leans harder ...

JavaScript creator says rushed web UX causes bloat and points to WebView2/Electron as Windows 11’s bigger problem.

Page 2: The winner's podium: ranks 3 to 1

Security topics take the top spots by a clear margin: in software development, it's supply chain incidents that make life ...
InfoQ

ReScript 12.0 Released with New Build System

ReScript 12.0 has launched, marking a milestone in modernizing the language with a rewritten build system, improved ...
The Hacker News

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

First 2026 cyber recap covering IoT exploits, wallet breaches, malicious extensions, phishing, malware, and early AI abuse.

LinkedIn Attack Alert — 1.2 Billion Users Must Watch For Red Flags

If you are one of the 1.2 billion registered users of the LinkedIn professional social network platform, pay attention to ...

なぜテストが必要なのか

Iプログラミングアシスタントツール「GitHub Copilot Chat」を使って、JavaScriptによるWebアプリケーションの開発の仕方を学ぶ本連載。今回は、作成したアプリの品質を保証するための「テスト」を、Copilot ...

GitHub、npmへのサプライチェーン攻撃「Shai-Hulud」対応方針を発表 ...

GitHubは12月23日(現地時間)、npmへのサプライチェーン攻撃「Shai-Hulud」について、被害状況と今後の対策計画を発表した。Shai-Huludは複数回にわたり、JavaScriptエコシステムのパッケージとメンテナワークフローの信頼 ...