Bleeping Computer

New PindOS JavaScript dropper deploys Bumblebee, IcedID malware

Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. PindOS is a simple JavaScript ...
Wired

Microsoft's Latest Excel Update Has Security Pros Anxious

On Monday at its Build conference in Seattle, Microsoft announced a host of software products and updates related to buzzy technologies like machine learning and mixed reality. But the company also ...
Bleeping Computer

Exploited Windows zero-day lets JavaScript files bypass security warnings

An update was added to the end of the article explaining that any Authenticode-signed file, including executables, can be modified to bypass warnings. A new Windows zero-day allows threat actors to ...
Business Wire

Halo Security Now Detects API Keys and Secrets Exposed in JavaScript

SAN FRANCISCO--(BUSINESS WIRE)--Web properties are increasingly relying on third-party JavaScript to increase functionality, but this can also bring inherent risks. A report from Source Defense, which ...
Business Wire

npm, Inc. Improves JavaScript Security for Enterprise Developers

OAKLAND, Calif.--(BUSINESS WIRE)--npm, Inc., the JavaScript developer tools provider and operator of the world’s largest software registry, today announced a significant upgrade to npm Enterprise, its ...