Decrypt

Apple iPhone Hacking Kit Used By Spies, Crypto Scams Could Have US Intelligence Origins

Researchers said a sophisticated exploit kit with 23 iOS vulnerabilities is being used by espionage and cybercrime campaigns.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
InfoQ

So You’ve Decided To Do a Technical Migration

Sophie Koonin discusses the realities of large-scale technical migrations, using Monzo’s shift to TypeScript as a roadmap. She explains how to handle "bends in the road," from documentation and ...
PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
The Register-Herald

Stranded travelers scramble to make new connections as war shuts much of Middle East to air travel

Hundreds of thousands of stranded travelers are scrambling to make new connections and get through to airlines on jammed phone lines after the attack on Iran by the United States ...

OpenAI releases Codex for Windows

OpenAI today released the Codex app for Windows, powered by OpenAI’s frontier coding models, and it’s now the only coding agent with a first-class Windows experience.