Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Why AI is both a curse and a blessing to open-source software - according to developers

AI has turned security triage into 'terror reporting,' draining time, attention, and the 'will to live.' But, used right, it can help. Here's how.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Anthropic’s Claude found 22 vulnerabilities in Firefox in two weeks

The test also showed that Claude is significantly better at finding security flaws than at writing code to exploit them. Despite spending around $4,000 in API credits, the team on ...

Claude Opus 4.6 Discovers 22 Firefox Vulnerabilities in Just Two Weeks

Claude AI discovered 22 Firefox vulnerabilities in two weeks, including 14 high severity flaws, showing how AI speeds up security research.
PCMag on MSN

Wikipedia forced to lock down edits over JavaScript that could delete pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
The Bakersfield Californian

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...