Javascript
Silent Skimmer: The Rising Threat in Card-Skimming Attacks
A notorious Chinese-speaking threat actor, known for skimming credit card numbers off e-commerce sites and point-of-sale service providers across Asia/Pacific, has expanded its target scope to North and Latin America. The post ...

Foliage 2023
The days are getting shorter and when we were visiting Down East Maine the other week, there was just a hint of some trees starting to change up their leaf palettes. It ...

Keeping Track Of URLs Shared On Bluesky
While the future of Bluesky is nowhere near certain, it is most certainly growing. It’s also the largest community of users for the AT Protocol. Folks are using Bluesky much the same ...

JavaScript: A Taxing Situation
An authorized IRS eFile website is the latest victim of a JavaScript attack. eFile.com has become the victim of an attack which originated in a previously innocent JavaScript file. The JavaScript file, ...

WebR WASM R Package Load/Library Benchmarking Rabbit Hole
I have a post coming on using base and {ggplot2} plots in VanillaJS WebR, but after posting some bits on social media regarding how slow {ggplot2} is to deal with, I had ...

The Danger of Web Scraping & How to Prevent Website Scraping
Many of today’s hyper-connected organizations are faced with the challenge of how to detect and prevent web scraping attacks in an efficient and scalable manner. In this blog, we’ll share how a ...

Contrast adds SAST support for TypeScript and Vue.js | Contrast Security
JavaScript continues to hold the title as the most utilized programming language by development teams, with a 65% score in this year’s StackOverflow Developer survey. The language is used by some of ...

Find JavaScript cyber-vulnerabilities for free with CodeSec
According to a 2022 Stack Overflow survey of more than 50K professional developers, JavaScript is the top programming language of choice. Finding cybersecurity risks in JavaScript code is critical for developers working ...

Contrast Scan adds support for client-side JavaScript including Angular, React, & jQuery
Contrast has expanded its Static Analysis Security Testing (SAST) language coverage to support client-side JavaScript, including Angular, React and jQuery in both the enterprise version of Contrast Scan as well as CodeSec, ...

PCI DSS Tackles Client-Side Attacks: Everything You Need to Know About Complying With PCI 6.4.3
Client-side attacks (often referred to as Magecart attacks) have been around since as early as 2015 and dramatically gained in popularity when the global pandemic accelerated digital transformation, by driving more people ...