Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
GitHub

JavaScript Regex Security Scanner

If necessary you can ignore certain files or directories using the option --ignore-pattern. For example, to ignore vendored code to focus on problems in your own project you can use: Detect cases of ...
Computerworld

Industry

Compliance chaos: NY regulators see a data breach — then focus on IT errors When a data breach happens, CISOs aren’t the only ones who should be sweating. New York state officials, for example, ...
GitHub

Beginner Javascript Notes - All Modules Combined.md

To review, when you run a function in JavaScript, what happens is JavaScript takes in whatever you have pass it, whether you have passed it that value directly _ (as a number or string for example)_, ...