InfoWorld

8 cutting-edge web development tools you don’t want to miss

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
Impress Watch

マイクロソフト、翻訳“コストゼロ”も可能 EdgeのローカルAI強化

米Microsoftは、Microsoft Edgeに導入するオンデバイス動作の生成AIについて3つのアップデートを発表した。 すでに提供している開発者向けの「Prompt API」と「Writing Assistance API」には、デバイスのサポートが限定的だった「Phi-4-mini」に代わり、より小さく効率的な ...

「Google Chrome 149」安定版リリース、CSSのgapのスタイルを指定できる ...

ウェブブラウザ「Google Chrome」の最新安定版であるバージョン149がリリースされました。グリッドやフレックスボックスなどのレイアウトの「gap」にけい線や装飾を追加できる「CSS gap ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Web browsers can spy on information via SSD access times

IT researchers have demonstrated a side-channel attack called "FROST" where browsers can spy on user behavior via SSD access times.
Tom's Hardware on MSN

Researchers say they can spy on your browsing by measuring SSD activity through a browser API

FROST exploits the Origin Private File System (OPFS), a browser API that lets websites create and store files on a user's local disk.