Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
SD Times

SD Times news digest: npm improves JavaScript security in npm Enterprise, Microsoft open sources its recipe to pre-train BERT, and Anaxi adds Bitbucket support

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Business Wire

Halo Security Now Detects API Keys and Secrets Exposed in JavaScript

SAN FRANCISCO--(BUSINESS WIRE)--Web properties are increasingly relying on third-party JavaScript to increase functionality, but this can also bring inherent risks. A report from Source Defense, which ...
Dark Reading

Coding Tips to Sidestep JavaScript Vulnerabilities

The Internet was all about gray backgrounds and dull text boxes in the '90s. But JavaScript changed that, allowing us to enjoy dynamic text, interactive websites, and clickable elements without ...
Dark Reading

JavaScript Packing Found in More Than 25% of Malicious Sites

JavaScript obfuscation continues to be a favored method among cyberattackers for sneaking past defenses to deliver a broad range of payloads. However, even a good method for flagging the presence of ...
Bleeping Computer

Exploited Windows zero-day lets JavaScript files bypass security warnings

An update was added to the end of the article explaining that any Authenticode-signed file, including executables, can be modified to bypass warnings. A new Windows zero-day allows threat actors to ...