AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

Google Zero-Day Alert For 3.5 Billion Chrome Users—Attacks Underway

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day vulnerabilities.
Hosted on MSN

4 Microsoft Copilot Linux alternatives that are just as good (if not better)

I tested 20+ Linux desktop AI companions—several match or beat Copilot depending on use case. Newelle, LM Studio, PyGPT, and Jan.ai stand out for supporting local models, offline use, and more ...
Technobezz.com

Google patches two actively exploited Chrome zero-day vulnerabilities

Google issues emergency Chrome patches for two actively exploited zero-day vulnerabilities enabling remote code execution via malicious websites. Apple's budget-friendly MacBook Neo features a modular ...