LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Say goodbye to source maps and compilation delays. By treating types as whitespace, modern runtimes are unlocking a “no-build” TypeScript that keeps stack traces accurate and workflows clean.

The Malwarebytes blog warns of a new wave of compromised browser extensions. The technique used, called steganography, is ingenious: A group of researchers found 17 new contaminated extensions ...

This project provides a complete Bun runtime for Termux Android, enabling native JavaScript/TypeScript execution without container dependencies. It uses glibc-runner for compatibility with standard ...

Note: jsrun is under development. Expect breaking changes between minor versions. One of the most compelling use cases for jsrun is building safe execution environments for AI agents. When LLMs ...

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity. The applications, called ‘Chat GPT for Chrome with GPT-5, Claude Sonnet ...

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to ...

Chrome extensions are supposed to make your browser more useful, but they've quietly become one of the easiest ways for attackers to spy on what you do online. Security researchers recently uncovered ...