DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...
Security Boulevard

Fake Pudgy World site steals your crypto passwords

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
Hacker

Go's Cryptography Packages Were Audited: The Results

Go is an open-source programming language used by companies such as Google, Meta, Microsoft, and more. Go is an open-source programming language used by companies such as Google, Meta, Microsoft, and ...
IEEE

Debun: Detecting Bundled JavaScript Libraries on Web using Property-Order Graphs

Abstract: Detecting front-end JavaScript libraries in web applications is essential for website profiling, vulnerability detection, and dependency management. However, bundlers like Webpack transpile ...
Crypto Briefing

Coinbase unveils new Agentic Wallets enabling AI agents to hold and send crypto

Coinbase today unveiled Agentic Wallets, a system enabling autonomous artificial intelligence agents to hold funds, execute blockchain transactions, and manage digital identities without human ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
Crypto Briefing

Satoshi Nakamoto Institute launches fundraising for Bitcoin Library

The Satoshi Nakamoto Institute has launched a fundraising campaign to build the Library of Bitcoin, a project dedicated to preserving Bitcoin’s ideas, history, and foundational documents before they ...
Tech Digest

Underwater drones deployed, Javascript library vulnerable to hacking

The UK’s Royal Navy has bought a fleet of Remus 300 unmanned underwater vehicles from US defence contractor HII. Photo: HII A popular JavaScript cryptography library is vulnerable in a way which could ...