Web browsers can spy on information via SSD access times

IT researchers have demonstrated a side-channel attack called "FROST" where browsers can spy on user behavior via SSD access times.
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.

html2canvas 淘汰!Chrome 全新高性能 Canvas API 发布!

传统 html2canvas、SVG foreignObject 均为临时hack,存在静态无交互、性能差、隐私隐患等问题,无法兼顾开发效率与渲染能力。而 WICG 推出的 HTML-in-Canvas 原生提案,彻底解决了这一行业痛点。

How to Cut AI API Costs by 80%: AI.cc Publishes Step-by-Step Token Optimization Guide for ...

SINGAPORE, SINGAPORE, SINGAPORE, May 28, 2026 /EINPresswire.com/ -- Free guide draws on analysis of 2.4 billion API ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.