InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.
The Next Web

Oslo’s Unleash raises $35M to govern AI-generated code as European enterprise bets grow bolder

Unleash has raised $35M in Series B to expand its open-source feature management platform as AI-generated code strains software stability.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
The Hacker News

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

Transparent Tribe uses AI tools to mass-produce polyglot malware targeting India using Slack, Discord, and Google Sheets C2.
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...