Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
GitHub

TAJS - Type Analyzer for JavaScript

TAJS is a dataflow analysis for JavaScript that infers type information and call graphs. The current version of the analysis contains a model of ECMAScript 3rd edition, including the standard library, ...
IEEE

Reasoning about the Node.js Event Loop using Async Graphs

Abstract: With the popularity of Node.js, asynchronous, event-driven programming has become widespread in server-side applications. While conceptually simple, event-based programming can be tedious ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
GitHub

An arbitrary-precision Decimal type for JavaScript.

The library is similar to bignumber.js, but here precision is specified in terms of significant digits rather than decimal places, and all calculations are rounded to the precision (similar to ...