techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.6K
active users

#browser

102 posts85 participants9 posts today

I guess if anybody cares, next Tuesday, #Firefox 141 will be released. Among other things, a few good items:

1. On #Linux, Firefox uses less memory and no longer requires a forced restart after an update has been applied by a package manager.

2. Support for #Cookies Having Independent Partitioned State (CHIPS) is now re-enabled, allowing developers to opt a cookie into storage partitioning per top-level site.

References:
- mozilla.org/en-US/firefox/141.
- developer.mozilla.org/en-US/do

I've been trying out Dia after using Arc as my main browser for quite a while now. What messes with me the most is that I'm back to making 5,6,7 windows to manage different projects or tasks. Spaces were such a good feature for me and I sorely miss them 💔

#browser #linux #fedora

I come to ye all in search of the Goodest Browser. Chrome is a work of the Devil, as we all know, despite having the best toolkits. Firefox was once my favorite, but running top reveals it to be farting out these monstro Isolated Web Co processes.

So what should I be using, with a modicum of privacy and a slimmer profile?

Powerful MaaS On the Prowl for Credentials and Crypto Assets

Katz Stealer is a sophisticated infostealer marketed as Malware-as-a-Service (MaaS), launched in early 2025. It features robust credential and data theft capabilities, along with modern evasion and anti-analysis techniques. The stealer targets a wide range of personal and sensitive information, including passwords, cryptocurrency keys, and browser session data. Operated through a web-based management panel, Katz Stealer allows affiliates to generate custom payloads and manage stolen data. Its infection chain involves obfuscated JavaScript droppers, steganography, and process hollowing techniques. The malware focuses heavily on browser data theft and cryptocurrency wallet targeting, with the ability to bypass some browser security measures.

Pulse ID: 68795169d12d2d2919a05908
Pulse Link: otx.alienvault.com/pulse/68795
Pulse Author: AlienVault
Created: 2025-07-17 19:39:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Evolution of macOS Odyssey Stealer: New Techniques & Signed Malware

A new variant of the Odyssey infostealer for macOS has been discovered, featuring code signing, notarization, and a persistent backdoor. The malware mimics a Google Meet updater and uses a SwiftUI-based 'Technician Panel' for social engineering. It steals sensitive data, including passwords, browser information, and cryptocurrency wallet contents. The stealer now includes a second-stage payload that establishes persistence and communicates with a command-and-control server. Notable features include dynamic command execution, network tunneling capabilities, and self-termination mechanisms. The malware also employs anti-analysis techniques to evade researchers. Multiple signed and notarized samples have been identified in the wild, indicating an evolution in the threat actor's tactics.

Pulse ID: 68792679d13c814d91c9c973
Pulse Link: otx.alienvault.com/pulse/68792
Pulse Author: AlienVault
Created: 2025-07-17 16:36:09

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

SVG Smuggling - Image Embedded JavaScript Redirect Attacks

Threat actors are increasingly using Scalable Vector Graphics (SVG) files to deliver JavaScript-based redirect attacks. These SVGs contain embedded, obfuscated JavaScript that initiates browser redirects to attacker-controlled infrastructure. The campaign uses email spoofing and impersonation to deliver the SVGs, bypassing traditional file-based detection. The embedded code uses XOR encryption and reconstructs the redirect command at runtime. The attack targets B2B Service Providers, including those handling corporate financial and employee data. Mitigation strategies include implementing DMARC policies, blocking SVG attachments, and enhancing email security measures. The campaign demonstrates a shift towards smuggling techniques that avoid triggering traditional security alerts.

Pulse ID: 6878f6e6ce9d5286edc46238
Pulse Link: otx.alienvault.com/pulse/6878f
Pulse Author: AlienVault
Created: 2025-07-17 13:13:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Just learned of Ladybird. 👀

What does "No code from other browsers" really mean?


The focus of the Ladybird project is to build a new browser engine from the ground up. We don't use code from Blink, WebKit, Gecko, or any other browser engine.

For historical reasons, the browser uses various libraries from the SerenityOS project, which has a strong culture of writing everything from scratch. Now that Ladybird has forked from SerenityOS, it is no longer bound by this culture, and we will be making use of 3rd party libraries for common functionality (e.g image/audio/video formats, encryption, graphics, etc.)

We are already using some of the same 3rd party libraries that other browsers use, but we will never adopt another browser engine instead of building our own.

ladybird.orgLadybirdLadybird is a truly independent web browser, backed by a non-profit.

Ah yes, the age-old tale: 🦄 #tulips, 🚽 #toilets, 🚂 #trains, and - wait for it - 🐉 browser tabs! Alex Moon's groundbreaking revelation: We open too many tabs, and it's clearly a direct link to the decline of #civilization. But please, tell us more about how Mozilla's 2004 Firefox ad stopped the world from spinning. 🥱
ajmoon.com/posts/when-is-tech- #browser-tabs #HackerNews #ngated

ajmoon.comWhen Is Tech Not Hype? Tulips, Toilets, Trains - and Tabs - Alex Moon - tech, innovation, society, gamesAlex Moon is an Australian-British software engineer and artist based in the North East of England.

> From booking a restaurant reservation with details you provide, or simply #browsing the #web to compile information on a topic, #Comet is a completely new way of spending time online, and I’ve found my first 48 hours to be incredibly eye-opening.

> once the workflow of asking it to figure things out so I could focus on other, more pressing tasks started to make sense, I began to see Comet’s true potential.

techradar.com/computing/artifi

TechRadar · I used Perplexity’s new Comet browser to book a restaurant while I wrote this article, and honestly it’s the first time AI has wowed meI've found AI's purpose