Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Can tiny bubbles bring the Indian River Lagoon back to life?

Titusville is testing nanobubble technology in the Indian River Lagoon to improve water quality and help marine life breathe.
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
Network World

AI transforms ‘dangling DNS’ into automated data exfiltration pipeline

Generative AI is raising the risk of dangling DNS attack vectors, as the orphaned resources are no longer just a phishing ...