JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...

Discover how free calling no download works, why it beats app installs, and how tools like Call2 let you connect globally without friction.

Google has launched Chrome version 149 to address more than 70 security vulnerabilities, prominently featuring a high-severity zero-day exploit tracked as CVE-2026-11645. Discovered by an independent ...

Extensions, userscripts, and ad blocking Chrome won't touch — all on Android.

Just ahead of WWDC, Google's fresh benchmarks for the Chrome browser have revealed impressive speed boosts when optimized on Apple devices. The latest tweaks in V8 and Blink, particularly tailored for ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Google has released an unscheduled update for Chrome to close two critical security vulnerabilities. As criminals are already actively using these vulnerabilities for attacks, all users are advised to ...

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...

Almost everyone wants their internet activity to remain private. Even if you don't visit embarrassing sites, you probably want to ensure Facebook doesn't decide what ads to show you. But while you can ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...