Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.