The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
The Caledonian-Record

More than a quarter of private colleges are at risk of closing, new projection shows

The Hechinger Report reports over a quarter of private colleges face closure, with Sterling College closing this semester, ...
MSN on MSN

This JavaScript risk could cost developers dearly

Recently, npm, the essential package manager used by developers worldwide, suffered a massive supply chain attack. This ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows ...
AARP

Voters 50+ Could Decide the Primary Outcome in NY-12

Voters age 50 and older are likely to play a decisive role in New York’s 12th Congressional District Democratic primary, with one in five still undecided.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

New Frontier expands retail footprint after unaired ‘Shark Tank’ segment

After missing out on a “Shark Tank” spotlight, New Frontier landed REI and Brown-Forman deals — and is now closing in on a ...
AARP

AI is Already in Your Doctor’s Office, Even if No One Said a Word

Artificial Intelligence (AI) is quietly becoming a fixture in the doctor’s office, though most older adults have no idea.

Majority of young people want better online protections, according to results of major government consultation

Over a third of the young people wanted limits on autoplay videos and 66% supported age restrictions on the use of AI ...

The 20 highest-paying jobs in America? Doctors, doctors, more doctors

To find a better-paid group, economists say, you have to drill down to elite subcategories, such as corporate CEOs and law ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...