AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
GitHub

Barrel file removal tool for JavaScript & TypeScript projects (ESM-only).

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.
IEEE

Javascript Code Simplification And Optimization Based On Hybrid Static and Dynamic Analysis Techniques

Abstract: With the increasing complexity of Web application functions, JavaScript libraries are widely used to improve development efficiency and user experience. However, many applications do not ...
GitHub

mcp-tool-shop-org/code-covered

$ code-covered coverage.json ===== code-covered ===== Coverage: 74.5% (35/47 lines) Files analyzed: 1 (1 with gaps) Missing tests: 4 [!!] CRITICAL: 2 ...