The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
SiliconANGLE

Report warns that browser-native ransomware is a growing threat to enterprise data

A new report out today from cybersecurity company SquareX Inc. is warning of a dangerous new evolution in ransomware: browser-native attacks that bypass traditional defenses and put millions of users ...
Hosted on MSN

Critical React Native Metro dev server bug under attack as researchers scream into the void

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven't received the ...
CSOonline

Flaw in React Native CLI opens dev servers to attacks

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0. A critical remote-code execution (RCE) flaw ...
Infosecurity-magazine.com

MacOS Native Tools Enable Stealthy Enterprise Attacks

A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade detection, according to new research examining "living-off-the-land" (LOTL) ...
Dark Reading

AI-Native Security Is a Must to Counter AI-Based Attacks

Slow human-controlled defenses won't be enough for autonomous agents spun off by technologies like OpenClaw, experts say. Artificial intelligence-native security will be needed to fend off threats.