This popular app builder has been hijacked to steal Microsoft account details - here's what we know

Bubble.io's good name is being tarnished by advanced and convincing phishing lures.
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Cyber Daily

Code security platform Trivy compromised by malicious packages

The open-source supply chain hack represents “meaningful industry-wide risk”, according to an industry expert.
SecurityWeek

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

Polyfill supply chain attack that hit more than 100,000 websites has now been linked to North Korean threat actors.
IEEE

Javascript Code Simplification And Optimization Based On Hybrid Static and Dynamic Analysis Techniques

Abstract: With the increasing complexity of Web application functions, JavaScript libraries are widely used to improve development efficiency and user experience. However, many applications do not ...