CloudFlare reports a massive JavaScript-based DDoS attack against one its customers, likely carried out by unsuspecting mobile browsers served a malicious ad.

Called "JavaScript Template Attack," this new technique revolves around the concept of JavaScript properties and the default values that browser engines return for basic JavaScript queries seeking ...

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

A team of academics has created a Chrome extension that can block side-channel attacks that use JavaScript code to leak data from a computer's RAM or CPU.

Three marketing tools, including the Best Of The Web security logomark, were compromised in supply chain attacks, allegedly leaving website customers leaking their users' sensitive information.

Home > Internet & Security Rowhammer: A new JavaScript attack that targets DRAM The new Rowhammer exploit doesn't just target hardware -- it uses Javascript to do it, and can run within a web browser.

A new browser flaw could allow attackers to trick users into giving up sensitive information such as passwords. The flaw is unusual in that it affects every mainstream browser, and can be ...

The researchers went on to combine their AnC JavaScript with attack code that exploits CVE-2013-0753, a now-patched use-after-free vulnerability in Firefox. Normally, ASLR protections in the 64 ...

The new Rowhammer exploit doesn't just target hardware -- it uses Javascript to do it, and can run within a web browser.