News

ZDNet5y
Another one-line npm package breaks the JavaScript ecosystem
An update to tiny "is-promise" library impacted millions of JavaScript projects. Written by Catalin Cimpanu, Contributor April 26, 2020 at 8:19 a.m. PT techrepublic cheat sheet ...
InfoWorld9y
Brendan Eich: JavaScript standard library will stay small
JavaScript's standard library could eventually grow to reduce reliance on third-party packages -- but it'll happen slowly, says Eich A recent incident where software was removed from the NPM ...
techtimes4y
Warning: Malicious JavaScript Library Posing as Twilio-Related Libraries Opens Vulnerabilities to Programmers' Computer - Tech Times
A JavaScript library that was posing as Twilio-related libraries was recently found to open up certain vulnerabilities towards a programmers' computer.
ZDNet6y
Popular jQuery JavaScript library impacted by prototype pollution flaw - ZDNET
These efforts have resulted in the discovery of multiple prototype pollution attacks in more and more JavaScript libraries, such as Mongoose, lodash.merge, node.extend, deep-extend, and HAPI--some ...
PC World11y
Microsoft open sources Windows Library for JavaScript
Microsoft first released this library in 2011 so developers could build Windows applications both for Windows Phone and the Windows 8 Modern interfaces using JavaScript, along with HTML, CSS and ...