The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
Inc

Elon Musk’s Twitter Deal Looked Like a $44 Billion Disaster. Now, His Investors Stand to Make a 200 Percent Return—Thanks to a Brilliant (and Controversial) M&A Move

He wasn’t the only one caught up in the brouhaha, either. Of the $44 billion transaction, an estimated $10 billion came in the form of equity put up by outside investors, including both preexisting ...
New York Magazine

The SpaceX IPO Reveals What Really Happened to Twitter

If you want to know what has happened to Twitter, the app and the website, in the past few years, you can just open up X and see for yourself. Like everything else on the internet, it has become a bit ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...