Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
GitHub

xcsv is a package for reading and writing extended CSV files.

Extended header section of parsable attributes, introduced by '#'. Header row of variable name and units for each column. Data rows. Depending on the presence of special keys in the extended header ...