The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and screen capture.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GitHub

HtmlTinkerX & PSParseHTML - Modern HTML Processing for .NET and PowerShell

The crawl reports and per-page manifests now also expose extraction observability data, so you can tell whether a page used Raw, Focused, or Reader mode, whether it matched an exact selector or fell ...
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...
GitHub

golivecosmos/llm-react-node-app-template

To get started, follow the below steps: ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
InfoWorld

WebMCP API extends web apps to AI agents

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling collaborative workflows between users and agents within the same web ...