There's a new JavaScript-based attack in town that will change your router's DNS settings through a mobile website and a visiting smartphone.

Called "JavaScript Template Attack," this new technique revolves around the concept of JavaScript properties and the default values that browser engines return for basic JavaScript queries seeking ...

CloudFlare reports a massive JavaScript-based DDoS attack against one its customers, likely carried out by unsuspecting mobile browsers served a malicious ad.

Security researchers have found a way to use JavaScript to map a home or corporate network and attack connected servers or devices, such as printers or routers. The malicious JavaScript can be ...

Five researchers from the Vrije University in the Netherlands have put together an attack that can be carried out via JavaScript code and break ASLR protection on at least 22 processor micro ...

A security researcher has developed a technique that enables him to use javascript and timing attacks to steal browser data.

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

A new malvertising attack observed in the wild relies on a less used technique to hide the malicious payload. The authors turned to polyglot images to add the JavaScript code that redirects to a ...

The researchers went on to combine their AnC JavaScript with attack code that exploits CVE-2013-0753, a now-patched use-after-free vulnerability in Firefox. Normally, ASLR protections in the 64 ...

The new Rowhammer exploit doesn't just target hardware -- it uses Javascript to do it, and can run within a web browser.