The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows ...
InfoWorld

8 cutting-edge web development tools you don’t want to miss

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

Meet Fabrice Bellard: The French engineer whose code powers YouTube, Netflix and TikTok, yet he has spent 30 years quietly out of the spotlight

Most people can name the founders of Apple, Microsoft, Meta or Tesla. Fabrice Bellard remains largely unknown outside ...

Meet Wander, a StumbleUpon-inspired tool for discovering the ‘small web’

This open-source community project lets you create a StumbleUpon-like experience for recommending your favorite sites.

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Three free office suites vs. Microsoft 365 – technology comparison

The real difference lies deeper – because where should a web office suite run in the first place? All answers are legitimate: ...
MUO on MSN

I blocked location permissions on every site but websites were still tracking me through 3 other signals I hadn't considered

My browser was still volunteering a rough answer anyway.

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...
The Tech Edvocate

How to install Node.js

Spread the love“`html Node.js has become a critical part of many developers’ toolkits, enabling them to run JavaScript on the server side and create scalable web applications. If you’re looking to ...
The Financial Express

‘CBSE portal very easy to exploit’: Class 12 hacker says he ‘didn’t expect amateur vulnerabilities’ | Exclusive

Just before appearing for his own Class 12 board exams, teenager and cybersecurity hobbyist Nisarga Adhikary claims he uncovered major vulnerabilities in a portal linked to CBSE’s digital evaluation ...