javascript news - Search News

News

How phishers are weaponizing SVG images in zero-click, evasive campaigns

Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.

Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects

Once opened in a browser, the code decrypts a secondary payload using a static XOR key and then redirects the user to an ...

North Korean XORIndex malware hidden in 67 malicious npm packages

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...

InfoWorld11d

Developing JavaScript apps with AI agents

AI assistance is increasingly woven into JavaScript development tools and processes, which is both a boon and a peril ...

SecurityWeek5h

Threat Actors Use SVG Smuggling for Browser-Native Redirection

The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at runtime. The decrypted code reconstructs a redirect command and builds a ...

Microsoft replaces legacy JavaScript engine to improve security in Windows 11

Microsoft officially retired JScript years ago, along with proper support for the original Internet Explorer browser. However ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results