The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
A five-character fix turned a failing Lighthouse Agentic Browsing audit into a clean pass. What that reveals about what the audit actually measures.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Google is tightening Chrome extension rules with stricter privacy requirements, AI safeguards, and new bans on prediction market tools.
A rare privacy win for Chrome users ...
Plus, CCH Axcess adds complex document ingestion and interpretation; TaxStatus launches Planning Observations to automate discovery; and other accounting tech news and updates.