The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

Hi Sign Brewing files for bankruptcy but plans to stay open

The business had seen rising costs after it expanded and relocated during the pandemic. Its founder talks about what drove ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Days after exposing CBSE portal flaws, 19-year-old Nisarg Adhikary lands role at IIT Kanpur

Nineteen-year-old ethical hacker Nisarga Adhikary, who recently highlighted security vulnerabilities in CBSE's digital ...
Khaleej Times

IIT Kanpur hires Indian teen who exposed CBSE on-screen marking flaws

Nisarga Adhikary will work as Open Source Intelligence and Threat Intelligence Engineer. 'We will provide him with the ...

Smokin' Oaks Organic Farms files for Chapter 11 bankruptcy

The local organic grocer and butcher sources the majority of its food from a multigenerational Tennessee farm.

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...
Telegraph Herald

U.N. says at least 1 killed in crackdown on protests against the arrest of women in Afghanistan

A violent crackdown on a protest in western Afghanistan against the arrests of women for allegedly violating dress code regulations has left at least one person dead, the United Nations’ ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Telegraph Herald

OpenAI files confidential SEC paperwork for IPO, opening the door to a Wall Street debut

OpenAI has filed preliminary paperwork to potentially become a publicly traded company. The company announced Monday it has ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...