Cybernews

Next.js turf war heating up: Cloudflare’s vibe-coded gambit humbled by critical security bugs

Cloudflare’s experimental AI-built Next.js alternative, vinext, has been released with critical security flaws, escalating a feud with Next.js maintainer, Vercel.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Vandalize Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...