Digital Trends

New JavaScript attack infects your phone and changes your router's DNS settings

Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place ...

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in ...
MediaNama

Why CERT-In Is Warning Startups and IT Companies About Dune-Inspired Malware ‘Shai-Hulud’

CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...

Exclusive: 'We will see more attacks' Ledger CTO warns after NPM breach

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.
ZDNet

5 ways to spot software supply chain attacks and stop worms - before it's too late

Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...

Patch now! Attackers exploit Chrome security vulnerability in JavaScript engine

The developers have fixed several vulnerabilities in the current version of the Chrome web browser. Attacks are already occurring.

Introducing Chainguard Libraries for JavaScript: Malware-Resistant Dependencies Built ...

Chainguard, the trusted foundation for software development and deployment, today announced Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...