News

Threat Post8y
Inside the RIG Exploit Kit
In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks. Today’s most ...
Ars Technica8y
Firefox 0-day in the wild is being used to attack Tor users
"This is an [sic] JavaScript exploit actively used against TorBrowser NOW." Tor cofounder Roger Dingledine quickly confirmed the previously unknown vulnerability and said engineers from Mozilla ...
Ars Technica17y
JavaScript worm from late 2007 happily frolicking in 2008
Back in late December, Ars covered the sudden appearance of a JavaScript worm variant designed to capitalize on the assassination of Benazir Bhutto. While the exploit itself had been in the wild ...
Lifehacker14y
Mouse-Over Exploit Hits Twitter.com
A JavaScript exploit has allowed all kinds of not-at-all-safe-for-work sites to pop up sites and text through Twitter.com, and force a re-tweet, even if all a user does is move their mouse over a ...
ExtremeTech9y
Rowhammer: A new JavaScript attack that targets DRAM
The new Rowhammer exploit doesn't just target hardware -- it uses Javascript to do it, and can run within a web browser. Share on Facebook (opens in a new window) Share on X (opens in a new window ...
Android11y
Google Glass Hacked Already? Exploit Exists With JavaScript
In an API level 16 or below, all an app needs to do to exploit this security hole is to create a WebView and then access the run code that activates the broken JavaScript function. But what does ...
Reuters15y
Kill JavaScript in Adobe Reader to ward off zero-day exploit, experts urge
Users should disable JavaScript in Adobe's Reader and Acrobat ... The advice is timely, as noted bug researcher and exploit maker HD Moore confirmed that an exploit would be published to the ...
HotHardware9y
Vicious Chrome V8 JavaScript Exploit Leaves All Android Devices Ripe For Attack
However, we do know that it takes advantage of Chrome’s open source V8 JavaScript engine. What makes the exploit so dangerous — which is another reason why we’re glad that this exploit hasn ...
Bleeping Computer2y
Exploit available for critical bug in VM2 JavaScript sandbox library
Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code ...
Gizmodo14y
There Was a New Twitter Exploit and It Was Spreading Like Wildfire
Twitter is seriously screwed up at the moment, thanks to a new Javascript exploit that’s currently slamming the service. Visitors of Twitter’s website are inadvertently retweeting spam and ...
Network World15y
Kill JavaScript in Adobe Reader to ward off zero-day exploit, experts urge
Security experts today urged Adobe Reader and Acrobat users to disable the JavaScript option until ... as noted bug researcher and exploit maker HD Moore confirmed that an exploit would be ...