Home/Tag/Javascript

Javascript

7 articles tagged with "Javascript"

Malware4 min read

node-ipc Hijacked via Expired Domain, Steals 90+ Credential Types

Attackers seized control of node-ipc by re-registering the maintainer's expired email domain. Three malicious versions now harvest AWS, GCP, Azure keys and more.

James RiveraMay 15, 2026

Vulnerabilities5 min read

Protobuf.js RCE Flaw Threatens 50 Million Weekly npm Downloads

Critical code injection vulnerability (GHSA-xq3m-2v4x-88gg, CVSS 9.9) in protobuf.js allows arbitrary JavaScript execution via malicious schemas. Patch now.

Marcus ChenApr 18, 2026

Malware4 min read

AppsFlyer SDK Hijacked to Steal Crypto via Supply Chain Attack

Attackers compromised AppsFlyer's domain registrar to inject crypto-stealing JavaScript into their Web SDK. The malware swaps wallet addresses for Bitcoin, Ethereum, Solana, and more.

James RiveraMar 14, 2026

Malware3 min read

Wikipedia Hit by Self-Propagating JavaScript Worm

A dormant JavaScript worm activated during a security review vandalized 4,000 Wikipedia pages in 23 minutes. Here's what happened and why it matters.

James RiveraMar 7, 2026

Malware3 min read

Wikipedia Hit by Self-Propagating JavaScript Worm

A dormant JavaScript worm activated during a Wikimedia security review modified 4,000 pages and infected 85 user scripts in 23 minutes before containment.

James RiveraMar 7, 2026

Vulnerabilities4 min read

Angular XSS Flaw Bypasses Sanitization via SVG Script Tags

CVE-2026-22610 lets attackers inject JavaScript through SVG script attributes that Angular's sanitizer fails to recognize. Patches available for versions 19-21.

Marcus ChenJan 11, 2026

Malware4 min read

Malicious npm Package 'lotusbail' Hijacked WhatsApp Accounts for Six Months

Supply chain attack disguised as working WhatsApp API library stole credentials, messages, and linked attacker devices to victim accounts. 56,000+ downloads since May.

James RiveraDec 28, 2025