AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
CNN

Astronomers detect a solar system they say should not be possible

An exoplanetary system about 116 light-years from Earth could flip the script on how planets form, according to researchers who discovered it using telescopes from NASA and the European Space Agency, ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Hackaday

Ask Hackaday: How Do You Detect Hidden Cameras?

The BBC recently published an exposé revealing that some Chinese subscription sites charge for access to their network of hundreds of hidden cameras in hotel rooms. Of course, this is presumably ...