Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...

npmx package browser released as alpha to fix pain of using npmjs

Project initiated by Nuxt lead Daniel Roe attracts wide support thanks to multiple issues with the official interface A new ...

OpenAI Launches Codex Desktop App for Windows, Expanding AI-Powered Coding Tools

OpenAI brings its AI coding assistant Codex to Windows, allowing developers to run multiple AI agents and streamline complex programming workflows.

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Foreign Affairs

The Mirage of a New Middle East

The Islamic Republic, knowing that this fight is existential, retaliated quickly with deadly missile and drone attacks on Israel, U.S. bases in the Middle East, and targets in Gulf states and beyond.

npmx.dev: New website for npm package search

The open-source project npmx is used for fast searching of npm packages. It focuses on UX, displays vulnerability warnings, and offers a dark mode.

LibreOffice Online dragged out of the attic, dusted off for another go

Browser-based version back on the menu, reopening questions about TDF's relationship with Collabora The Document Foundation ...

AI has made us all surveillance targets. This tool helps you fight back.

A new campaign by youth digital advocacy organization Gen Z For Change hopes to offer a solution. Today, the group launches " ...

OpenClaw has yet another major security flaw - here's what we know about 'ClawJacked'

Don't leave your OpenClaw with an easy password ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...