Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript. The vulnerability, tracked ...
TechRadar

An incredibly popular JavaScript library might have some worrying malware issues

CVE-2025-12735 in expr-eval allows remote code execution via unsafe input evaluation Vulnerable versions ≤2.0.2; patched in 2.0.3 and forked in expr-eval-fork 3.0.0 Developers should sanitize ...
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...
InfoWorld

Intro to Streamlit: Web-based Python data apps made easy

Streamlit lets you write web-based Python data applications without HTML, CSS, or JavaScript. Here's a first look at Streamlit. A common problem with Python applications is how to share them with ...
GitHub

React Native OTP Input

@twotalltotems/react-native-otp-input is a tiny Javascript library which provides an elegant UI for the end user to input one time passcode (OTP). It handles the ...
InfoWorld

Data visualization with Observable JavaScript

Learn how to make the most of Observable JavaScript and the Observable Plot library, including a step-by-step guide to eight basic data visualization tasks in Plot. Built-in reactivity is one of ...