Security News

Avast has disabled a component in its Windows anti-malware suite that posed, ironically enough, a significant security risk. The software maker switched off the JavaScript interpreter in its toolkit after Google Project Zero's Tavis Ormandy, and his colleagues, alerted the developer to design flaws in the code.

Cybercriminals continue to exploit weaknesses in JavaScript to try to steal sensitive data from consumers through advertising, according to DEVCON.

Trio of vulnerabilities made registry full of uncertain code even more of a risk On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world's JavaScript...

Visa Security Researchers Say 'Pipka' Is Good at Avoiding DetectionSecurity researchers at Visa have uncovered a new type of JavaScript skimmer that has infected the online checkout pages for at...

A new JavaScript skimmer targets data entered into the payment forms of ecommerce merchant websites, Visa Payment Fraud Disruption (PFD) warns. Dubbed Pipka, the skimmer was discovered on an...

Here’s an overview of some of last week’s most interesting news and articles: Phishing attacks are a complex problem that requires layered solutions Most cyber attacks start with a social...

An open source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs has been developed at North Carolina State...

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for...

More than a decade after hitting the headlines, clickjacking fraud remains an under-reported hazard on hundreds of popular websites.

RiskIQ, the global leader in attack surface management, announced the launch of RiskIQ JavaScript Threats Module to ensure customer trust in e-commerce by protecting organizations’ high-traffic...