Prototype pollution bug exposed Ember.js applications to XSS

November 9, 2022

A bug in Ember.js, a JavaScript framework for building Node.js web applications, allowed attackers to stage prototype pollution attacks against ...

Hundreds of U.S. news sites push malware in supply-chain attack

November 3, 2022

Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework.

Lapsus$ ransomware gang hits SIC, Portugal’s largest TV channel

Skimmer Injected Into 100 Real Estate Websites via Cloud Video Platform

January 4, 2022

More than 100 real estate websites belonging to the same parent company were injected with web skimmer code via an ...

Arachni

November 14, 2020

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern ...

Wapiti

November 12, 2020

Wapiti allows you to audit the security of your websites or web applications.

JSParser

November 1, 2020

A python 2.7 script using Tornado and JSBeautifier to parse relative URLs from JavaScript files. Useful for easily discovering AJAX ...

DIRECTORY

Tag: Javascript