New font-rendering trick hides malicious commands from AI tools

A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML.
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
XDA Developers on MSN

I stopped using Obsidian after finding this self-hosted notes app

Escaped the productivity rabbit hole ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...
The Financial Times

AI’s ‘memorisation’ problem: the novels it can’t forget

Simply sign up to the Artificial intelligence myFT Digest -- delivered directly to your inbox. The world’s top AI models can be prompted to generate near-verbatim copies of bestselling novels, raising ...
ABC7 San Francisco

6 backcountry skiers rescued, 9 missing after avalanche near Donner Pass in Sierra Nevada: officials

NEVADA CITY, Calif. -- The six backcountry skiers rescued after being caught in a Donner Pass avalanche are now safely off the mountain, Nevada County Sheriff's office said Tuesday night. Sheriff's ...