Browser Security News

Malicious JavaScript is getting smarter. It’s now able to fingerprint victims’ Web browsers, vulnerable components and accessible CLSIDs, and deliver custom-tailored exploits, according to Dr. Jose Nazario, senior security engineer for Arbor Networks. Nazario was referring to NeoSploit, a new malware tool he’s seen in the wild that carries at least seven distinct exploits to infect a PC with, from which it can choose based on what that PC’s weak points are.

"We’re seeing a lot of this in the past several months, a lot of malicious JavaScript [at] large," he said. "People are getting more defensive and offensive with JavaScript." Researcher: JavaScript Attacks Get Slicker