Cybersecurity Today Wikipedia Hit By JavaScript Worm, ICE Contractor Data Base Leaked and more...
5 snips
Mar 6, 2026 A self-propagating JavaScript worm spread through user scripts on a major collaborative site, forcing admins to restrict edits and replace compromised code. A hacktivist group claims to have leaked thousands of contractor applicant records tied to immigration contracts. Law enforcement and international partners dismantled a major cybercrime forum and seized its database, leading to arrests and follow-up notifications.
AI Snips
Chapters
Transcript
Episode notes
User Scripts Enabled A Self Propagating Worm
- Wikipedia's scripting features allowed a self-propagating JavaScript worm to spread via user.js files executed in logged-in editors' browsers.
- The worm used authenticated sessions to copy itself into other user and some global scripts, extending propagation until admins restricted edits and reverted files.
Contain Client Side Worms By Reverting And Restricting
- Contain client-side script incidents quickly by restricting edits, reverting compromised files, suppressing vandalized edits, and replacing affected scripts.
- Wikipedia admins applied these steps and stopped propagation while they investigate the originating account.
Claimed Leak Lists 6,681 ICE Contractor Applicants
- A hacktivist group called Department of Peace claimed to leak records tied to DHS Office of Industry Partnership covering 6,681 organizations that applied for ICE-related contracts.
- The dataset named firms like Microsoft, Palantir, Raytheon, and was published via Distributed Denial of Secrets while DHS has not yet confirmed authenticity.