CSOonline

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...
Threat Post

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches. Adobe has released fixes addressing five critical flaws in its popular ...
Network World

Gmail will block JavaScript attachments, a common source of malware

Starting Feb. 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years. Users will no longer be able ...