Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
IT之家

已修复:周下载 350 万次的 jsPDF 库曝 9.2 分漏洞,可经由 PDF 窃取敏感 ...

IT之家1 月 8 日消息,科技媒体 bleepingcomputer 昨日(1 月 7 日)发布博文,报道称广泛使用的 JavaScript PDF 生成库 jsPDF 近期报告严重安全漏洞(CVE-2025-68428),CVSS 评分高达 9.2,官方已发布 4.0.0 版本修复此问题。 IT之家注:jsPDF 是一个强大的开源 JavaScript 库,每周 ...
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT ...
Android Authority

Amazon is loosening its grip on Kindle book downloads, if only slightly

Amazon will allow EPUB and PDF downloads for DRM-free Kindle books starting January 20, 2026. The change follows Amazon’s removal of the long-standing USB download option in 2025. Only titles where ...
Digital Trends

You’ll soon be able to access your Kindle eBooks on other e-readers

So far, Amazon has restricted Kindle eBooks to its Kindle devices and apps, with no official way for users to read titles purchased from the Kindle Store on third-party e-readers or through other apps ...
Good e-Reader

Amazon will let you download your e-books in EPUB in 2026

In early 2026, Amazon will allow users to back up their Kindle Books in EPUB. This is the biggest news in publishing in quite some time.
talkandroid.com

My Gmail trick to convert any PDF to Word with zero downloads

Editorial Note: Talk Android may contain affiliate links on some articles. If you make a purchase through these links, we will earn a commission at no extra cost to you. Learn more. Need to turn a PDF ...
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...
TechSpot

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

What the Script: Supply chain attacks are traditionally designed to inflict maximum damage on structured organizations or companies. However, when such an attack compromises a supply chain that an ...
blockonomi

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

18 popular NPM packages with over 2 billion weekly downloads were compromised through a phishing attack targeting developer “Qix” The malware functioned as a “crypto-clipper,” silently replacing ...
The Hacker News

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who ...