AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
PCMag on MSN

Wikipedia forced to lock down edits over JavaScript that could delete pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Google removes accessibility section from JavaScript SEO section

This change was made because the advice was "out of date" and Google handles JavaScript fine.

JavaScript build tool: Vite 8.0 speeds up with Rust-based bundler Rolldown

The new bundler Rolldown replaces esbuild and Rollup. With its Rust base, it enables significantly faster builds.