Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
CNN

Astronomers detect a solar system they say should not be possible

An exoplanetary system about 116 light-years from Earth could flip the script on how planets form, according to researchers who discovered it using telescopes from NASA and the European Space Agency, ...
Hackaday

Ask Hackaday: How Do You Detect Hidden Cameras?

The BBC recently published an exposé revealing that some Chinese subscription sites charge for access to their network of hundreds of hidden cameras in hotel rooms. Of course, this is presumably ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
PC Magazine

Real or AI? 7 Clues to Spot Fake Images Right Away

I’ve been writing about consumer technology and video games for more than a decade at a variety of publications, including Destructoid, GamesRadar+, Lifewire, PCGamesN, Trusted Reviews, and What Hi-Fi ...