The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and exfiltrate data.