AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Opinion
PCMagOpinion

I Vibe Coded a Global Mass-Surveillance Site in 2 Hours Using OpenAI's Codex. That's a Privacy Nightmare

With zero coding skills, I was able to quickly assemble camera feeds from around the world into a single view. Here's how I did it, and why it's both promising and terrifying for all of us.
GitHub

Bootstrap Gutenberg Blocks for WordPress

Bootstrap Gutenberg Blocks for WordPress. This plugin adds Bootstrap components and layout options as Gutenberg blocks. Fluid: If enabled the container will use the full available width, spanning the ...

Google GWS CLI Brings Full Workspace Access to AI Agents

Google Workspace CLI adds cross-app command control with pre-built skills; setup needs Google Cloud APIs and an OAuth client in one project.
InfoQ

Cloudflare Releases Experimental Next.js Alternative Built with AI Assistance

Cloudflare released vinext, an experimental Next.js reimplementation built on Vite by one engineer, with AI guidance over one ...

Claude AI discovered 22 Firefox flaws. Here's how many it figured out how to exploit.

"Claude Opus 4.6 discovered 22 vulnerabilities over the course of two weeks. Of these, Mozilla assigned 14 as high-severity vulnerabilities —almost a fifth of all high-severity Firefox vulnerabilities ...

Small businesses see big tradeoffs with online lenders

Small-business owners are increasingly turning to online lenders for financing — but that's come with added headaches for ...