AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GitHub

Earth & Home - Real Estate Platform

# PocketBase Configuration NEXT_PUBLIC_POCKETBASE_API_URL=http://127.0.0.1:8090 # Add other required environment variables ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish ...
Science Daily

Scientists find cancer-linked chemicals in popular hair extensions

A sweeping new study has uncovered a troubling mix of hazardous chemicals in popular hair extensions, including products made from human hair. Researchers detected dozens of substances linked to ...
GitHub

A Chrome extension that archives any authenticated website as self-contained HTML files. Each page is saved with fully inlined CSS, fonts, images, and JavaScript — so the ...

Most web archivers require you to log in separately or can't access pages behind authentication. This extension runs inside your existing Chrome session, so it can ...
Dark Reading

260K+ Chrome Users Duped by Fake AI Browser Extensions

The Chrome Web Store has been infested with dozens of malicious browser extensions claiming to provide AI assistant functionality but that secretly are siphoning off personal information from victims.