Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
The Hacker News

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.

Iran intelligence backdoored US bank, airport, software outfit networks

MOIS-linked MuddyWater crew has a new, custom implant An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies' ...
PCMag on MSN

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed to delete articles and place Russian text in the edit summary.
Cybernews

Iran-linked Seedworm hackers found inside US bank, airline, tech networks

Researchers warn Iranian state-backed Seedworm hackers have infiltrated US–Israeli critical networks, raising fears of cyber attacks targeting US banking, airline, and tech sectors.
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.
PCMag Australia

$20K in Stolen Games, a $5M Crypto Blunder, and a Very Bad Week for Internet Security

This week in cybersecurity: stolen PlayStation accounts, AI chat transcripts sold by data brokers, tax-season scams, deepfake ...

Chrome 145 update fixes several critical browser vulnerabilities

A final security update for Chrome 145 eliminates a handful of vulnerabilities, including some labeled critical.