GitHub

Immutable collections for JavaScript

Read the docs and eat your vegetables. Immutable data cannot be changed once created, leading to much simpler application development, no defensive copying, and enabling advanced memoization and ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
IEEE

Statically Checking Web API Requests in JavaScript

Abstract: Many JavaScript applications perform HTTP requests to web APIs, relying on the request URL, HTTP method, and request data to be constructed correctly by ...
IEEE

A Symbolic Execution Framework for JavaScript

Abstract: As AJAX applications gain popularity, client-side JavaScript code is becoming increasingly complex. However, few automated vulnerability analysis tools for JavaScript exist. In this paper, ...
GitHub

JSSC — JavaScript String Compressor

JSSC is an open-source, lossless string compression algorithm designed specifically for JavaScript strings (UTF-16). It produces compressed data that remains a valid JS string, making it ideal for ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
TechRadar

An incredibly popular JavaScript library might have some worrying malware issues

CVE-2025-12735 in expr-eval allows remote code execution via unsafe input evaluation Vulnerable versions ≤2.0.2; patched in 2.0.3 and forked in expr-eval-fork 3.0.0 Developers should sanitize ...
InfoWorld

What is TypeScript? Strongly typed JavaScript

TypeScript’s strong typing enables a variety of features that increase developer efficiency, especially when dealing with enterprise-scale codebases. TypeScript is compiled, rather than interpreted ...