AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Yahoo Finance

Arcjet Launches v1.0 of its JavaScript SDK, Establishing Stability as a Core Developer Feature

Production-ready SDK marks the end of beta after two years of public iteration, with a stable API teams can confidently build on For security products, adoption depends heavily on reliability. In the ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, ...
Infosecurity-magazine.com

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, including the JavaScript SDK that underpins the AWS Console. The issue, dubbed ...
VentureBeat

OpenAI announces Apps SDK allowing ChatGPT to launch and run third party apps like Zillow, Canva, Spotify

OpenAI's annual conference for third-party developers, DevDay, kicked off with a bang today as co-founder and CEO Sam Altman announced a new "Apps SDK," or software development kit, that makes it ...
Windows Report

Javascript Error Occurred in the Main Process [Windows 11 Fix]

JavaScript errors are common when you stay long periods of time without updating your browser. It may seem like a small error that can be ignored, but it increasingly ...
InfoWorld

ECMAScript 2025: The best new features in JavaScript

We’ll start with the most far-reaching addition, which the spec describes as “a new Iterator global with associated static and prototype methods for working with iterators.” The most exciting part of ...
coincentral

XRPL JavaScript SDK Breach Triggers Urgent Security Update

Malicious versions of the xrpl SDK on NPM leaked private keys. Update to v4.2.5 immediately. Fake SDKs (v4.2.1–v4.2.4, v2.14.2) were uploaded with a backdoor. Private keys may be compromised. The XRP ...
GitHub

arcgis-maps-sdk-for-javascript

Calcite Design System provides a library of patterns, icons, and ready-to-use, reusable web components to help developers easily build consistent web applications. In this session, you'll learn about ...
The Hacker News

Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised ...
VentureBeat

OpenAI's strategic gambit: The Agents SDK and why it changes everything for enterprise AI

OpenAI reshaped the enterprise AI landscape Tuesday with the release of its comprehensive agent-building platform – a package combining a revamped Responses API, powerful built-in tools and an ...