Security News

If you were a user of either of those projects, and if you are inclined to accept any and all updates to your source code automatically without any sort of code review or testing. We've written about security holes suddenly showing up in numerous coding communities, including PHP programmers, Pythonistas, Ruby users, and NPM fans.

Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021.

A new stealthy JavaScript loader named RATDispenser is being used to infect devices with a variety of remote access trojans in phishing attacks. Once launched, the loader will write a VBScript file to the %TEMP% folder, which is then executed to download the malware payload. These layers of obfuscation help the malware evade detection 89% of the time, based on VirusTotal scan results.

GitHub said it has fixed a longstanding issue with the NPM JavaScript registry that would allow an attacker to update any package without proper authorisation. "The vulnerability was based on a familiar insecurity pattern, where the system correctly authenticates a user but then allows access beyond what that user's permissions should enable. In this case, the NPM service correctly validated that a user was authorised to update a package, but"the service that performs underlying updates to the registry data determined which package to publish based on the contents of the uploaded package file.

A security researcher has shed light on how invisible characters can be snuck into JavaScript code to introduce security risks, like backdoors, into your software. This week, a researcher has disclosed how certain characters could be injected into JavaScript code to introduce invisible backdoors and security vulnerabilities.

Obfuscation is when easy-to-understand source code is converted into a hard to understand and confusing code that still operates as intended. Obfuscation can be achieved through various means like the injection of unused code into a script, the splitting and concatenating of the code, or the use of hexadecimal patterns and tricky overlaps with function and variable naming.

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale service provider located in the U.S. The attacks, which are believed to have taken place between late June to late July 2021, have been attributed with "Moderate confidence" to a financially motivated threat actor dubbed FIN7, according to researchers from cybersecurity firm Anomali. "The group's goal appears to have been to deliver a variation of a JavaScript backdoor used by FIN7 since at least 2018.".

Microsoft is conducting an experiment it hopes will improve browser security - by making its Edge offering worse at running JavaScript. As explained in a post by Johnathan Norman, the vulnerability research lead for Microsoft Edge, JavaScript is the juiciest target when trying to crack a browser - because engines like Google's V8 and the just-in-time compilation techniques they employ use "a remarkably complex process that very few people understand" and have "a small margin for error" in the way they handles code.

Google says the latest Google Chrome release comes with a significant performance boost due to newly added improvements to the open-source V8 JavaScript and WebAssembly engine. Google Chrome 91, which started rolling out earlier this week, is executing JavaScript code 23% faster with the inclusion of a new JavaScript compiler and the use of a new way to optimize the code's location in memory.

The "Problem child" that Firefox just addressed is a lesser-known JavaScript variable called window. Specifying an existing tab name in the target of the link means that we can re-use the second tab for our new content, so that the example.com page opens up in the same NEWTAB tab, replacing the Naked Security content and avoiding the creation of a third tab.