Yahoo Finance

Introducing Chainguard Libraries for JavaScript: Malware-Resistant Dependencies Built Entirely from Source

The risk in the JavaScript ecosystem isn't theoretical: earlier this month, a number of packages used by millions of developers were compromised via malicious code. These malware attacks against ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
Hosted on MSN

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.… Since October 27, security shop Huntress says it has spotted three Gootloader ...
MediaNama

Why CERT-In Is Warning Startups and IT Companies About Dune-Inspired Malware ‘Shai-Hulud’

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory, noting the risk of a cyber threat campaign specifically targeting JavaScript’s node package manager (npm) ecosystem. The ...
GIGAZINE

Free Software Foundation announces anti-malware extension ``JShelter'' that can prevent tracking by JavaScript for free

FSF announces JShelter browser add-on to combat threats from nonfree JavaScript — Free Software Foundation — Working together for free software https://www.fsf ...