Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate ...

A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The ...

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, ...

jQuery, the JavaScript library everyone loves to hate, has turned ten years old today. The library was first introduced in 2006 by John Resig, at BarCamp in New York City, as a side project he had ...

Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...

Potentially helping developers more quickly build cross-platform applications, Microsoft is releasing as open source its WinJS JavaScript library for building Windows-styled controls. Now that the ...

JavaScript's standard library could eventually grow to reduce reliance on third-party packages -- but it'll happen slowly, says Eich A recent incident where software was removed from the NPM package ...