Cyber Security
Software engineers at Google have put forward a proposal that promises to clamp down on prototype pollution, a class of vulnerability that has become...
Hi, what are you looking for?
Software engineers at Google have put forward a proposal that promises to clamp down on prototype pollution, a class of vulnerability that has become...
A critical vulnerability arising from improper input validation has been addressed in XMLDOM, the JavaScript implementation of W3C DOM for Node.js, Rhino, and browsers....
A security researcher has disclosed a CSS injection flaw in Acronis software which could be abused for data theft. On November 4, ‘Medi’ (under...
A bug in Ember.js, a JavaScript framework for building Node.js web applications, allowed attackers to stage prototype pollution attacks against the host server. Prototype...
Researchers warn that there has been a 633% year-over-year increase in cyber-attacks launched against open source software repositories. Open source components, frameworks, libraries, and whole platforms...
A prototype pollution bug in the Chromium project allowed attackers to bypass Sanitizer API, a built-in browser library for removing potentially malicious code from...
Researchers at Johns Hopkins University have developed a graph-based code analysis tool that can detect a wide range of vulnerabilities in JavaScript programs. Called ODGen,...
A credit card stealing service is growing in popularity, allowing any low-skilled threat actors an easy and automated way to get started in the...
A group of software package maintainers have created a tool for defending applications that depend on open source JavaScript libraries. Called Socket, the tool...
The developers behind Node.js have released new versions of several release lines to address four vulnerabilities in the server-side technology. Node.js is a popular JavaScript runtime...