Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Yahoo Finance

Introducing Chainguard Libraries for JavaScript: Malware-Resistant Dependencies Built Entirely from Source

The risk in the JavaScript ecosystem isn't theoretical: earlier this month, a number of packages used by millions of developers were compromised via malicious code. These malware attacks against ...
ZDNet

Popular JavaScript library starts showing ads in its terminal

Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...
ZDNet

Hacker backdoors popular JavaScript library to steal Bitcoin funds

A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The ...
TechRadar

Popular JavaScript library can be hacked to allow attackers into user accounts

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate ...
Computerworld

Microsoft releases Windows Library for JavaScript as open source

Potentially helping developers more quickly build cross-platform applications, Microsoft is releasing as open source its WinJS JavaScript library for building Windows-styled controls. Now that the ...