Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
GitHub

TypeScript SDK for Beeper Desktop API

This library provides convenient access to the Beeper Desktop API from server-side TypeScript or JavaScript. The documentation for Beeper Desktop API can be found on ...
GitHub

A boilerplate/starter project for quickly building RESTful APIs using Node.js, Express, and Mongoose.

Handles user login, logout, password resets, and email verification processes. Ensures secure access through bearer token authentication. User Profile Management: Facilitates fetching and updating ...
GIGAZINE

X (formerly Twitter) announces new pay-as-you-go pricing model for developer APIs, officially moving away from fixed monthly fees of $200 or $5,000

Twitter (formerly Twitter) has announced a new pay-as-you-go pricing model for its API. Previously, developers had to pay a fixed monthly fee of $200 or $5,000, but now they can purchase credits and ...