Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
Bleeping Computer

Password guessing without AI: How attackers build targeted wordlists

Passwords remain a persistent point of tension between usability and security. Controls designed to strengthen authentication often introduce complexity, which encourages users to rely on familiar ...
Ars Technica

Mandiant releases rainbow table that cracks weak admin password in 12 hours

Security firm Mandiant has released a database that allows any administrative password protected by Microsoft’s NTLM.v1 hash algorithm to be hacked in an attempt to nudge users who continue using the ...
New Scientist

Passwords will be on the way out in 2026 as passkeys take over

Can you remember all your passwords off the top of your head? If so, you probably have too few of them – or, heaven forbid, only one that you use everywhere. But that problem could become a thing of ...
techtimes

Master Password Security: Set Strong Passwords and Manage Them Safely for Online Protection

Password security is a crucial aspect of digital safety, requiring users to create strong passphrases that balance memorability with resistance to attacks. Recommended passphrases are 12–16 characters ...
Forbes

800 Million Compromised Passwords — What You Need To Know

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. When it was reported that Gmail passwords were amongst a batch ...
Digital Trends

Windows 11 finally lets you use Passkeys through your own password manager

This is important because: Passkeys are part of the FIDO standard, a newer authentication method that replaces passwords with secure, device-bound cryptographic keys. Unlike passwords, passkeys can’t ...
Wired

Your Browser’s Password Manager Is Better Than Ever. You Still Shouldn’t Use It

Your browser wants to manage your passwords. Maybe it's to make your browsing experience more seamless in the hotly competitive browser wars, or maybe it's a response ...
PC World

15.8 million PayPal accounts at risk: stolen passwords put up for sale

A hacker going by the name Chucky_BF has allegedly stolen details for 15.8 million PayPal accounts and is selling them on an internet forum at a bargain price of just $750 USD. The treasure trove of ...
GitHub

salted-password-hashing

Add a description, image, and links to the salted-password-hashing topic page so that developers can more easily learn about it.