Bleeping Computer

JavaScript Packages Caught Stealing Environment Variables

On August 1, npm Inc. — the company that runs the biggest JavaScript package repository — removed 38 JavaScript npm packages that were caught stealing environment variables from infected projects.
Ars Technica

Isolated javascript environment in python for testing malicious code

Is there a way to create a completly isolated javascript environment in python? All I want to do is test if some potentially malicious code calls window.location, iframe.src or something similar, no ...
ZDNet

JavaScript Template Attacks expose new browser fingerprinting vectors

Academics have come up with a new technique that leaks data about users' browsers; enough to defeat anti-fingerprinting systems and privacy-preserving browser extensions to provide ways to identify ...
InfoWorld

Facebook open-sources tools for fast React app creation in JavaScript

The social giant's newest open source offering provides a rapid way to set up the prerequisites for building React apps in a complex JavaScript environment Facebook’s React.js library is now used to ...