JavaScript

Avast pulls plug on insecure JavaScript engine in its security software suite

Code interpreter ran with admin-level access, not sand-boxed, potentially open to remote-code execution

Security13 Mar 2020 | 6

NBD: A popular HTTP-fetching npm code library used by 48,000 other modules retires, no more updates coming

Downloaded 17m times a week, now coders should consider an alternative

Software12 Feb 2020 | 25

Electron devs bond at Covalence conference: We speak to those mastering the cross-platform tech behind Slack, Visual Studio Code, etc

Analysis Derided app framework ready for broader acceptance

Software27 Jan 2020 | 29

JavaScript survey: Devs love a bit of React, but Angular and Cordova declining. And you're not alone... a chunk of pros also feel JS is 'overly complex'

Tried Svelte yet? Perhaps you should

Software19 Dec 2019 | 75

NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets

Trio of vulnerabilities made registry full of uncertain code even more of a risk

Security13 Dec 2019 | 19

The Wun Show: Douglas Crockford has been sniffing JavaScript's bad parts again

Stob The Good, the Bad, and the Wunderful

Software25 Sep 2019 | 38

Hey, NPM. How do you like your Bogensberger? He's, well, done: CEO Bryan ejects from biz

JavaScript packager seeks new boss amid internal friction, firings, unionization attempts

Devops20 Sep 2019 | 8

TypeScript is now a 'top 10' language – just in time for the 'feature complete' 3.6 beta

Better iterators, generators... Semicolons? Who needs 'em?

Software22 Jul 2019 | 20

npm uninstall co-founder --global: Laurie Voss rides off into the sunset waving goodbye

Updated Co-founder and chief data officer at NPM Inc, moves on

Software18 Jul 2019 | 8

For pity's sake, groans Mimecast, teach your workforce not to open obviously dodgy emails

JavaScript obfuscation finds its way into finance phishery

Security17 Jul 2019 | 46

Malicious code ousted from PureScript's npm installer – but who put it there in the first place?

Account hijacking claimed by some but it may just be a developer behaving badly

Security15 Jul 2019 | 20

Meet the Great Duke of... DLL: Microsoft shines light on Astaroth, a devilishly sneaky strain of fileless malware

DLL or no DLL?

Security08 Jul 2019 | 59

Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants

Just make sure you're running the latest version

Security18 Jun 2019 | 41

settlement.js not found: JavaScript package biz NPM scraps talks, fights union-busting claims

Special report CEO speaks to The Reg as we dig into labor complaints, future of npm CLI

Software14 Jun 2019 | 12

JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb

And using browser privacy extensions may just make matters worse

Security11 Jun 2019 | 53

Someone slipped a vuln into crypto-wallets via an NPM package. Then someone else siphoned off $13m in coins to protect it from thieves

What a wild ride, eh Komodo?

Security07 Jun 2019 | 54

Return of the JSedi: After being ousted from NPM Inc, former CTO is back with rival package registry Entropic

CJ Silverio floats open-source federated approach to save JavaScript community from corporate clutches

Software04 Jun 2019 | 3

Now Ponder Mistakes: NPM's heavy-handed management prompts JS code registry challenger

Contender hopes to one day become the preferred Node.js Package Manager

Software25 Apr 2019 | 10

NPM is Not Particularly Magnanimous? Staff fired after trying to unionize – complaints

Special report Plus: Employee diversity, harassment brouhahas within Microsoft, Google

Software22 Apr 2019 | 59

Rust never sleeps: C++-alike language tops Stack Overflow survey for fourth year in a row

Python still popular. Visual Basic for Applications liked about as much as meetings

Software09 Apr 2019 | 99

NPM clings to its cuddly image – as senior staff vote with their feet: Now longtime product boss quits JS package biz

npm uninstall iarna

Software03 Apr 2019 | 8

Nice People Matter? NPM may stand for Not Politely Managed – job cuts leave staff sore

Layoffs at JavaScript package registry raise questions about fate of community resource

Software01 Apr 2019 | 41

Brit prisoners to be kept on the straight and narrow with JavaScript and CSS

That's the sound of the men, working on the blockchain gang

Software15 Mar 2019 | 70

Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand's servers

Updated Pesky JavaScript harvester strikes again

Security14 Mar 2019 | 10

Why does that website take forever to load? Clues: Three syllables, starts with a J, rhymes with crock of sh...

Ex-Googler reveals study and, yes, we're lookin' at you, WordAds

Software15 Feb 2019 | 111

Ever yearn for the Windows 95 shutdown sound? TADA! There's an Electron app for that

JavaScript emulator gains audio support and proper '90s Doom

Software11 Feb 2019 | 31

You like JavaScript! You really like it! Scripting lingo tops dev survey of programming languages

Meanwhile, one in five polled coders complain they were denied US work visas

Devops29 Jan 2019 | 89

Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)

Node.js package tried to plunder Bitcoin wallets

Security26 Nov 2018 | 48

Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin cyber-heist caper

Updated Gate.io exchange believed to be target of embedded attack

Security06 Nov 2018 | 9

Carlo has a head for apps and a body (tag) for rendering: Google takes on Electron with JS desktop app toolset

Chrome Labs experiment adds another option for building website-ish applications

Software02 Nov 2018 | 3

SAP bug beatdowns, Apple gets nasty with Mac repairs, Struts woe, and more from infosec

roundup Including: US Marines are looking for a few good bugs

Security06 Oct 2018 | 20

Couldn't give a fsck about patching? Well, that's your WordPress website pwned, then

Fiends use vulns to lure victims into tech support scams

Security21 Sep 2018 | 19

What's that smell? Oh, it's Newegg cracked open by card slurpers

Fresh from British Airways hack, Magecart strikes again

Security20 Sep 2018 | 34

NPM not tied in knots over Yarn rival project

Parallel projects just happen when the future is obvious

Devops15 Sep 2018 | 14

Tor(ched): Zerodium drops exploit for version 7 of anonymous browser

Bug allows malicious scripts to run even with protections active

Security10 Sep 2018 | 5

One-in-two JavaScript project audits by NPM tools sniff out at least one vulnerability...

...and those devs are then applying patches, we hope

Security22 Aug 2018 | 13

How evil JavaScript helps attackers tag possible victims – and gives away their intent

Countdown to ancient IE a telltale sign of malice

Security09 Aug 2018 | 21

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

Updated Tokens killed after eslint-scope utility compromised

Security12 Jul 2018 | 8

Cookie code compromise caper caught and crumbled

Ploy to plant malware in NPM's JavaScript registry foiled

Security04 May 2018 | 13

Oracle demands dev tear down iOS app that has 'JavaScript' in its name

Ordinary folk may be confused by title, takedown demand suggests

Applications18 Apr 2018 | 53

When SecureRandom()... isn't: JavaScript fingered for poking cash-spilling holes in Bitcoin wallets

If you've got an old money store, check it for hacked gaps

Security12 Apr 2018 | 7

Your code is RUBBISH, says GitHub. Good thing we're here to save you

Dependency scanner turned up 4m vulns from Oct-Dec 2017

Devops23 Mar 2018 | 18

Cloudflare pushes Workers out the door – without layoffs

Runs JavaScript on the edge, rather than make users schlep all the way to your server

Devops14 Mar 2018 | 1

Unlucky Linux boxes trampled by NPM code update, patch zapped

Devs stumble into pre-release beta by using command they didn't understand

Software23 Feb 2018 | 38

Next; tech; meltdown..? Mandatory; semicolons; in; JavaScript; mulled;

Punctuation-averse devs, you're coding it wrong

Devops12 Jan 2018 | 103

Wondering where your JavaScript libs went? Spam-detection snafu exiled npm packages

Postmortem sheds light on brief dependency hell

Software11 Jan 2018 | 16

Language bugs infest downstream software, fuzzer finds

And you worked so hard to make it secure

Security11 Dec 2017 | 27

When it comes to ML, reports of JavaScript's death are exaggerated

Python is not the be-all and end-all of writing smart algorithms

AI + ML22 Nov 2017 | 38

Don't put your Node out of joint: Version 8 of JS toolkit now in LTS mode

As the focus turns to version 9

Devops31 Oct 2017 | 4

Here's a gentle guide to building JavaScript AI in web browsers. Totally not a scary thing

Google unwraps toy image rec neural net

AI + ML05 Oct 2017 | 8

JS code at the network edge. Oh, you're still here and not running, screaming? Read on

Cloudflare Workers offered to customize content

Devops30 Sep 2017 | 13

Facebook performs successful license surgery on React, GraphQL

Feared patent bomb defused, for the time being

Devops26 Sep 2017 | 2

The power JavaScript: 'Gandalf of JS' Wirfs-Brock on ECMAscript 2017

Looking to the AI future

Software26 Sep 2017 | 39

Facebook ties JavaScript code together with Yarn

Package management client hits 1.0

Devops08 Sep 2017 | 8

Google puts the last coat of polish on Chrome 61

WebUSB, WebShare, JavaScript Modules and more due any day now

Software07 Sep 2017 | 25

The future of Python: Concurrency devoured, Node.js next on menu

Analysis Programming language keeps getting fatter amid awkward version 3 split

Devops16 Aug 2017 | 92