Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...

Electron apps are ruining the Windows 11 experience, and even the JavaScript creator has warned against ‘rushed web UX over native,’ but it doesn’t look like that will change Microsoft’s plans. In a ...

⚠️ Status: Public Preview - Electron on Windows Gallery is in public preview and in active development. It is not yet publishes to the Microsoft Store. We'd love your feedback! Share your thoughts by ...

Microsoft’s new winapp CLI simplifies Windows app development with one-command setup, faster testing, and easier packaging. Microsoft is trying to make Windows app development feel a lot less painful.

From Discord and Teams to WhatsApp, Windows Search, the Start menu, and even the new Agenda view in Notifications Center, Windows 11 keeps doubling down on web junk, and it’s getting so out of control ...

In December 2025, a critical remote code execution vulnerability was disclosed in DeepChat, an open-source desktop AI agent platform built using Electron. The issue, tracked as CVE-2025-67744, affects ...

Thirty years ago today, Netscape Communications and Sun Microsystems issued a joint press release announcing JavaScript, an object scripting language designed for creating interactive web applications ...

Seraphic, the leader in enterprise browser security (SEB) and AI enablement, today announced native protection for Electron-based applications such as ChatGPT desktop, Teams, Slack, and more, becoming ...