The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

We may earn commission from links on this page, but we only recommend products we love. Promise. Listen, I’ll be the first person to tell you that homemade face masks can be a little questionable.