InfoWorld

jQuery 4.0.0 JavaScript library features trusted types

The first major update in nearly 10 years, jQuery 4.0.0 follows a long development cycle and several pre-releases.
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
InfoWorld

State of JavaScript: Highlights of the JavaScript developer survey

The latest State of JavaScript survey provides an up-close look at the JavaScript language features, tools, libraries, and frameworks developers are using and how they're using them. Getting a ...
CoinTelegraph

XRP Ledger Foundation spots ‘crypto stealing backdoor’ in code library

The Foundation said an updated software package has already been published to remove the security breach. The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript ...
The Next Web

How to manipulate date and time in JavaScript

In theory, handling dates as a developer is as simple as creating, storing, and, if necessary, manipulating dates. But as a JavaScript developer, you would know this theory doesn’t hold long after you ...