Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place ...

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors ...

A new malvertising attack observed in the wild relies on a less used technique to hide the malicious payload. The authors turned to polyglot images to add the JavaScript code that redirects to a page ...

The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...

Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...

A recent development of the malicious JavaScript injection that compromised thousands of domains at the start of this month is being tracked by Websense Security Labs. The attackers have switched over ...

Five days after it was first discovered, the website of the Super Glue Corporation is still serving visitors with a malicious script pushing them to sites selling fake security software, security ...

Security researchers have discovered what appears to be the first browser side-channel attack that's Javascript-free, and Apple M1 chips may be more vulnerable to it. According to a research paper ...

The new Rowhammer exploit doesn't just target hardware -- it uses Javascript to do it, and can run within a web browser. Share on Facebook (opens in a new window) Share on X (opens in a new window) ...

The following article is reprinted from the Security Alert blog at PCWorld.com. A critical flaw in the way Firefox 3.5 handles Javascript opens the door to a serious attack, according to Secunia, ...

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: Address space layout randomization (ASLR). The attack takes advantage of how modern processors ...

A critical flaw in the way Firefox 3.5 handles Javascript opens the door to a serious attack, according to Secunia, which tracks security vulnerabilities. Sample exploit code is already available ...