The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Yahoo

Yahoo Life: Latest News on Health, Wellness, Style, Fashion Trends and More

Yahoo Life is your source for style, beauty, and wellness, including health, inspiring stories, and the latest fashion trends.
GitHub

Security: Webviews can trigger arbitrary keyboard shortcuts in the main workbench #319593

Though, taking a closer look at desktop VSCode now, not sure if I'm doing something wrong, but it looks like even in untrusted workspaces/restricted mode the notebook editor does in fact load and ...
GitHub

agarwalvishal/claude-chat-exporter

Claude Chat Exporter A JavaScript tool that exports Claude.ai conversations with perfect markdown fidelity by leveraging Claude's native copy functionality. Get complete conversations with both human ...