Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...

Why automotive and battery manufacturers are replacing traditional duct systems with US tubing

Manufacturers are replacing traditional duct systems because long-term leakage, rising maintenance demands, and inconsistent ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC ...

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...

Apache Junction inks deal with Google for high-speed internet rollout

Google Fiber already serves Mesa, Chandler, Queen Creek and Tempe. The company opened a Mesa office in October.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

Microsoft’s new browser tool will make websites more keyboard-friendly

Half of all websites fail basic keyboard navigation. Microsoft's new browser tool wants to change that — and it only takes one HTML attribute to do it.
LinuxInsider

How to Harden Firefox for Better Security on Linux

This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Visual Studio Magazine

TypeScript 6.0 RC Bridges to Go-Based Future

TypeScript 6.0 RC represents the final major release built on the current JavaScript-based compiler. The upcoming TypeScript 7.0 will use a Go-based native implementation for enhanced speed and memory ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...