Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
PCMag on MSN

Wikipedia forced to lock down edits over JavaScript that could delete pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC ...

Iran war: Why is Russia not coming to Tehran's aid?

The beleaguered Iranian regime, with very few international allies, has been counting on Moscow's support amid the ongoing US ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Software Development: Abstraction is Overrated

Abstraction is considered a virtue in software development. However, practice shows that wrong abstractions cause more harm ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
CPO Magazine

Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits, without users needing to interact in any way or being at all aware that ...
CPO Magazine

Researchers Warn Benign Google API Keys Could be Exploited to Rack Up Gemini AI Bills

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat actors after gaining Gemini AI authorization permissions, in a destructive ...