🦞🌯 Lobster Roll

Thread

Hacking the JavaScript Lottery (medium.com)
L 4 pts 0 comments by lattera May 18, 2016 javascriptsecurity thread

Stories related to "Hacking the JavaScript Lottery" across the full archive.

Stuffing Javascript into DNS names (skullsecurity.org)
L 3 pts 0 comments by inactive-user Aug 25, 2012 javascriptsecurity Web DevelopmentSecurity / Privacy thread
Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript (arxiv.org)
L 7 pts 1 comments by lynge Jul 27, 2015 javascriptpdfsecurity Web DevelopmentProgramming (General)Security / Privacy thread
Backdooring your JavaScript using minifier bugs (zyan.scripts.mit.edu)
L 24 pts 2 comments by hdevalence Aug 24, 2015 compilersjavascriptsecurity Web DevelopmentSystems / Low-Level / OSProgramming Languages / CS TheorySecurity / Privacy thread
Hacking the JavaScript Lottery (medium.com)
L 4 pts 0 comments by lattera May 18, 2016 javascriptsecurity Web DevelopmentSecurity / Privacy thread
Local network scanner in javascript (blog.skylined.nl)
L 1 pts 0 comments by henkjan May 27, 2016 javascriptnetworkingsecurity Web DevelopmentData / Databases / InfrastructureSecurity / Privacy thread
[tor-talk] Javascript exploit (lists.torproject.org)
L 11 pts 3 comments by pizzaiolo Nov 30, 2016 browsersjavascriptsecurity Web DevelopmentSecurity / Privacy thread
Scary shit (if you're on Windows, which is already scary in its own right)
ADsafe - Making JavaScript Safe for Advertising (adsafe.org)
L 4 pts 5 comments by nickpsecurity Dec 11, 2016 javascriptsecurityweb Web DevelopmentSecurity / Privacy thread
Many claim they don't run ads due to security risk. This is one of CompSci's interesting approaches to reducing it. Worth review for weaknesses or experiments on usability.
New ASLR-busting JavaScript is about to make drive-by exploits much nastier (arstechnica.com)
L 5 pts 0 comments by inactive-user Feb 15, 2017 javascriptsecurity Web DevelopmentSecurity / Privacy thread
52% of all JavaScript npm packages could have been hacked via weak credentials (bleepingcomputer.com)
L 2 pts 0 comments by goodger Oct 11, 2017 javascriptsecurity Web DevelopmentSecurity / Privacy thread
JavaScript Coinhive in Excel (charles.dardaman.com)
L 4 pts 0 comments by fcbsd May 9, 2018 javascriptsecurity Web DevelopmentSecurity / Privacy thread
Microsoft recently announced that JavaScript would be enabled in Excel, resulting in this proof of concept.
Undetectable Remote Arbitrary Code Execution Attacks through JavaScript and HTTP headers trickery (bugzilla.mozilla.org)
L -4 pts 24 comments by Shamar Aug 29, 2018 browsersjavascriptnetworkingprivacysecurity Web DevelopmentProgramming (General)Data / Databases / InfrastructureSecurity / Privacy thread
A timing attack with CSS selectors and Javascript (blog.sheddow.xyz)
L 1 pts 0 comments by calvin Oct 9, 2018 cssjavascriptsecurity Web DevelopmentSecurity / Privacy thread
AWS takeover through SSRF in JavaScript (10degres.net)
L 6 pts 1 comments by hwayne Oct 10, 2018 javascriptsecurity Web DevelopmentData / Databases / InfrastructureSecurity / Privacy thread
Protecting your JavaScript APIs (medium.com)
L 2 pts 0 comments by tlhunter Jan 31, 2019 javascriptsecurity Web DevelopmentSecurity / Privacy thread
Compile Your Own Type Confusions: Exploiting Logic Bugs in JavaScript JIT Engines (phrack.org)
L 3 pts 0 comments by calvin May 8, 2019 compilersjavascriptsecurity Web DevelopmentSystems / Low-Level / OSProgramming Languages / CS TheorySecurity / Privacy thread
JavaScript Template Attacks (ndss-symposium.org)
L 2 pts 0 comments by cadey Jun 10, 2019 javascriptsecurityweb Web DevelopmentSecurity / Privacy thread
Introducing Osgood: A secure, fast, and simple platform for running JavaScript HTTP servers (dev.to)
L 8 pts 3 comments by tlhunter Jul 16, 2019 javascriptsecurity Web DevelopmentSecurity / Privacy thread
Sodium-Plus: A Positive Cryptography Experience for JavaScript Developers (dev.to)
L 3 pts 0 comments by inactive-user Oct 7, 2019 cryptographyjavascriptnodejssecurity Web DevelopmentSecurity / Privacy thread
Improving the Cryptography of the JavaScript Ecosystem (paragonie.com)
L 6 pts 0 comments by inactive-user Oct 11, 2019 cryptographyjavascriptnodejssecurity Web DevelopmentSecurity / Privacy thread
Message Encryption in JavaScript and PHP with Libsodium (dev.to)
L 2 pts 0 comments by inactive-user Oct 20, 2019 cryptographyjavascriptphpsecurity Web DevelopmentProgramming (General)Security / Privacy thread
JavaScript Libraries Are Almost Never Updated Once Installed (blog.cloudflare.com)
L 16 pts 9 comments by calvin Jan 28, 2020 javascriptpracticessecurity Web DevelopmentSecurity / PrivacyProductivity / Career / Business thread
taviso/avscript: Avast JavaScript Interactive Shell (github.com)
L 9 pts 0 comments by calvin Mar 11, 2020 javascriptsecuritywindows Web DevelopmentSecurity / Privacy thread
How To Bypass CSP By Hiding JavaScript In A PNG Image (secjuice.com)
L 2 pts 3 comments by fcbsd Apr 4, 2020 javascriptsecurityweb Web DevelopmentSecurity / Privacy thread
Spectre Strikes Back: New Hacking Vulnerability Affecting Billions of Computers Worldwide (scitechdaily.com)
SCI 0 pts 1 comments by University of Virginia School of Engineering and Applied Science May 4, 2021 TechnologyComputer ScienceCybersecurityHackingPopularUniversity of Virginia Programming Languages / CS TheorySecurity / PrivacyInternet / Digital Culture thread
Computing experts thought they had developed adequate security patches after the major worldwide Spectre flaw of 2018, but UVA’s discovery shows processors are open to hackers again. In 2018, industry and academic researchers revealed a potentially devastating hardware flaw that made computers...
How JavaScript Restrictor prevents other parties from sniffing on your local applications (polcak.github.io)
L 1 pts 0 comments by taal Jun 17, 2021 browsersjavascriptprivacysecurity Web DevelopmentSecurity / Privacy thread
Reasons to avoid Javascript CDNs (blog.wesleyac.com)
L 25 pts 17 comments by wesleyac Dec 9, 2021 javascriptperformanceprivacysecurityweb Web DevelopmentData / Databases / InfrastructureSecurity / Privacy thread
Javascript Destructing and Untrusted Data (petecorey.com)
L 2 pts 6 comments by petecorey Nov 10, 2022 javascriptsecurity Web DevelopmentSecurity / Privacy thread
How to create a Secure, Random Password with JavaScript (blog.hboeck.de)
L 9 pts 0 comments by hanno Feb 5, 2024 cryptographyjavascriptsecurityweb Web DevelopmentSecurity / Privacy thread
A thought on JavaScript "proof of work" anti-scraper systems (utcc.utoronto.ca)
L 20 pts 23 comments by runxiyu May 28, 2025 devopsjavascriptsecurity Web DevelopmentData / Databases / InfrastructureSecurity / Privacy thread
Object-capability Programming in Javascript (youtube.com)
L 3 pts 0 comments by kuijsten Oct 23, 2025 javascriptsecurityvideo Web DevelopmentProgramming (General)Security / Privacy thread