JavaScript
GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts
GitHub has fixed a serious vulnerability that would have allowed attackers to publish new, malicious versions of any existing package on the npm registry. About the fixed …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Skyflow Fintech Privacy Vault accelerates product development for software teams
Skyflow announced a new zero trust data privacy vault that allows software teams to build and ship next-generation financial apps and systems faster. The new Fintech Privacy …
LoginID SDK empowers developers to integrate FIDO strong authentication into their websites or apps
LoginID announced additional SDK options for developers. These SDKs empower developers to integrate FIDO strong authentication into their websites or apps. A recent PYMNTS …
Akamai’s platform security enhancements strengthen protection for web apps, APIs and user accounts
Akamai announces platform security enhancements to strengthen protection for web applications, APIs, and user accounts. Akamai’s machine learning derives insight on …
SmartBear expands API lifecycle development platform to backend Java developers
SmartBear has released a new plug-in for SwaggerHub API design to support IntelliJ IDEA, the popular Java-based integrated developer environment (IDE). API developers familiar …
Exploiting common URL redirection methods to create effective phishing attacks
“Simple” can often be harder than “complex.” When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as …
Sentry enhances platform capabilities to improve developer workflows and productivity
Sentry announced new and enhanced platform capabilities designed to improve developer workflows and productivity by making it easier to find and resolve the issues that really …
BigID App Marketplace provides modular add-on apps for data privacy, protection, and perspective
BigID announced the release of the BigID App Marketplace, designed to provide BigID customers with modular add-on apps for data privacy, protection, and perspective – in …
Office 365 phishing campaign uses publicly hosted JavaScript code
A new phishing campaign targeting Office 365 users cleverly tries to bypass email security protections by combining chunks of HTML code delivered via publicly hosted …
Trifacta expands platform to deliver a data engineering cloud
Trifacta announced a major expansion to its platform to deliver the data engineering cloud. In keeping with its mission to create radical productivity for people who work with …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)