AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GitHub

A JavaScript library that lets you get trophy, user, and game data from the PlayStation Network.

Modular by design, and supports tree-shaking. Aligns with the community API documentation. Supports Node environments (20 and above). Supports browsers. Ships with TypeScript support and types. Zero ...
GitHub

DVAPI Damn Vulnerable API

Welcome to the Damn Vulnerable API ( DVAPI ) project. This project is based on the OWASP API Top 10 2023 Stable version which is published on June 5th 2023. This lab is designed to help you learn ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...