The Hacker News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...

New DarkSword iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
腾讯网

我复刻了 Claude 刚发布的生成式 UI 交互!

前天 Anthropic 在 Claude 里面上线了基于生成式 UI 的新交互。可以帮你在聊天信息流里面用地吗可视化的方式介绍一些概念和信息,远比原来的纯文本要好理解。我之前就一直在看类似的方案,刚好 Claude 发了,我就感觉我也得加紧做了。同时刚好也可以逆向参考一下他的方案。疯狂 PUA 了两天 Codex 和 Claude ...
GitHub

A list of funny and tricky JavaScript examples

JavaScript is a great language. It has a simple syntax, large ecosystem and, what is most important, a great community. At the same time, we all know that JavaScript is quite a funny language with ...