Wired

Microsoft's Latest Excel Update Has Security Pros Anxious

On Monday at its Build conference in Seattle, Microsoft announced a host of software products and updates related to buzzy technologies like machine learning and mixed reality. But the company also ...
Bleeping Computer

New PindOS JavaScript dropper deploys Bumblebee, IcedID malware

Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. PindOS is a simple JavaScript ...
Business Wire

npm, Inc. Improves JavaScript Security for Enterprise Developers

OAKLAND, Calif.--(BUSINESS WIRE)--npm, Inc., the JavaScript developer tools provider and operator of the world’s largest software registry, today announced a significant upgrade to npm Enterprise, its ...
Bleeping Computer

Exploited Windows zero-day lets JavaScript files bypass security warnings

An update was added to the end of the article explaining that any Authenticode-signed file, including executables, can be modified to bypass warnings. A new Windows zero-day allows threat actors to ...
Business Wire

Halo Security Now Detects API Keys and Secrets Exposed in JavaScript

SAN FRANCISCO--(BUSINESS WIRE)--Web properties are increasingly relying on third-party JavaScript to increase functionality, but this can also bring inherent risks. A report from Source Defense, which ...