CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

An incredibly popular JavaScript library might have some worrying malware issues

A widely-adopted JavaScript library has been found carrying a critical vulnerability which could allow threat actors to ...
Techzine Europe

Critical vulnerability exposed in JavaScript library expr-eval

A critical security vulnerability in the popular JavaScript library expr-eval allows remote code execution. The bug, with a ...

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...
InfoWorld

AI makes JavaScript programming fun again

What if AI-assisted development is less of a threat, and more of a jetpack? This month’s report tackles vibe coding, along ...