Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Bleeping Computer

Password guessing without AI: How attackers build targeted wordlists

Passwords remain a persistent point of tension between usability and security. Controls designed to strengthen authentication often introduce complexity, which encourages users to rely on familiar ...
The Sun

Hackers ‘break into Epstein’s personal email accounts after finding passwords in files’

HACKERS claim they have broken into Jeffrey Epstein’s Outlook account after his password was mentioned in the latest release of files. Passwords for several of the notorious sex offender’s accounts ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
ZDNet

What is a passkey? The easy explanation - and how they beat passwords

Passkeys let you sign in without typing or remembering passwords. Unlike passwords, they're resistant to phishing. Syncable passkeys make secure sign-ins easy across devices. Over the past year or so, ...