The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
InfoWorld

8 cutting-edge web development tools you don’t want to miss

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary ...

Chrome is now 'faster than ever,' and Google wrote a technical love letter to prove it

Google says Chrome is now 'meaningfully faster,' as it breaks down the technical changes behind the browser's speed boost.

Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...

Three free office suites vs. Microsoft 365 – technology comparison

The real difference lies deeper – because where should a web office suite run in the first place? All answers are legitimate: ...

Meet Wander, a StumbleUpon-inspired tool for discovering the ‘small web’

This open-source community project lets you create a StumbleUpon-like experience for recommending your favorite sites.
Analytics Insight

Top Functional Testing Tools & Frameworks You Should Know in 2026

Overview:  Functional testing tools help teams verify that software works as expected across web, mobile, and API ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...