ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in update mechanisms. Ever since Electron’s first release, developers have ...

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

Webpack's 2026 roadmap, led by Even Stensberg, unveils substantial enhancements aimed at modernizing the bundler. Key features include native CSS module support, universal compilation for various ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Mandelson was arrested last month and has since been released under investigation (Picture: AFP) The UK government has released tens of thousands of documents regarding Lord Peter Mandelson’s ...

It was a solid addition to my LLM-powered app stack ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...