Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

What it’s like to get caught in ICE’s surveillance web

Immigration and Customs Enforcement is using a variety of tools to surveil folks they want to intimidate and apprehend. That ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.
Ohio Capital Journal

Ohio lawmakers work to plug loophole that porn providers use to skirt age verification requirement

Amid mounting pressure, Ohio legislative members are working to plug a loophole that allows pornographic websites to get ...