Security News

Anatomy of a campaign to inject JavaScript into compromised WordPress sites
2022-05-13 04:09

A years-long campaign by miscreants to insert malicious JavaScript into vulnerable WordPress sites, so that visitors are redirected to scam websites, has been documented by reverse-engineers. "The websites all shared a common issue - malicious JavaScript had been injected within their website's files and the database, including legitimate core WordPress files," Konov wrote.

JavaScript security: The importance of prioritizing the client side
2022-04-01 05:00

In this interview with Help Net Security, Vitaly Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, and the importance of JavaScript security in the development process. What kind of impact do third-party JavaScript libraries and pre-written JavaScript code have on front-end security?

Take a walk on the client side: The importance of front-end JavaScript security assessments
2022-03-16 04:30

During these assessments a security analyst will determine if the system is susceptible to any known or exploitable vulnerabilities, assign severity levels to them, recommend remediation or mitigation, and prioritize the order in which remediation must occur based on the severity level. The end result of a security assessment should be deep insights into the security gaps of your organization, aligned to both your overall security program and a governance model.

This JavaScript scanner hunts down malware in libraries
2022-03-01 16:00

For those developing with JavaScript and related technologies, GitHub's NPM Package Registry is an essential resource. It's the home of more than 1.8 million packages - libraries and modules that get added to applications as dependencies to perform useful functions.

25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository
2022-02-22 22:30

Another batch of 25 malicious JavaScript libraries have made their way to the official NPM package registry with the goal of stealing Discord tokens and environment variables from compromised systems, more than two months after 17 similar packages were taken down. The libraries in question leveraged typosquatting techniques and masqueraded as other legitimate packages such as colors.

JavaScript developer destroys own projects in supply chain “lesson”
2022-01-11 19:54

If you were a user of either of those projects, and if you are inclined to accept any and all updates to your source code automatically without any sort of code review or testing. We've written about security holes suddenly showing up in numerous coding communities, including PHP programmers, Pythonistas, Ruby users, and NPM fans.

This New Stealthy JavaScript Loader Infecting Computers with Malware
2021-11-26 22:23

Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021.

Stealthy new JavaScript malware infects Windows PCs with RATs
2021-11-24 16:08

A new stealthy JavaScript loader named RATDispenser is being used to infect devices with a variety of remote access trojans in phishing attacks. Once launched, the loader will write a VBScript file to the %TEMP% folder, which is then executed to download the malware payload. These layers of obfuscation help the malware evade detection 89% of the time, based on VirusTotal scan results.

GitHub fixes authorisation vulnerability in the NPM JavaScript package registry
2021-11-16 17:33

GitHub said it has fixed a longstanding issue with the NPM JavaScript registry that would allow an attacker to update any package without proper authorisation. "The vulnerability was based on a familiar insecurity pattern, where the system correctly authenticates a user but then allows access beyond what that user's permissions should enable. In this case, the NPM service correctly validated that a user was authorised to update a package, but" the service that performs underlying updates to the registry data determined which package to publish based on the contents of the uploaded package file.

Invisible characters could be hiding backdoors in your JavaScript code
2021-11-10 13:18

A security researcher has shed light on how invisible characters can be snuck into JavaScript code to introduce security risks, like backdoors, into your software. This week, a researcher has disclosed how certain characters could be injected into JavaScript code to introduce invisible backdoors and security vulnerabilities.