AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed to delete articles and place Russian text in the edit summary.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Security Boulevard

How Threat Actors Turned OpenClaw Into a Scraping Botnet

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...

WebMCP explained: Inside Chrome 146’s agent-ready web preview

WebMCP exposes structured website actions for AI agents. See how it works, why it matters, and how to test it in Chrome 146.
GitHub

High-Performance In-Browser LLM Inference Engine.

WebLLM is a high-performance in-browser LLM inference engine that brings language model inference directly onto web browsers with hardware acceleration. Everything runs inside the browser with no ...