ZDNet

An insecure mess: How flawed JavaScript is turning web into a hacker's playground

An analysis of over 133,000 websites has found that 37 percent of them have at least one JavaScript library with a known vulnerability. Researchers from Northeastern University have followed up on ...
Bleeping Computer

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...