Back to updates

JavaScript - 1

2026 (2)

April (1)

security: Mitigating the Axios npm supply chain compromise

Microsoft Security Blog

2026-04-01

Microsoft reports that Axios was compromised in a March 31, 2026 npm supply chain attack. Two newly published version-update packages were used to download from command-and-control infrastructure, which Microsoft Threat Intelligence attributes to the North Korean actor Sapphire Sleet.

January (1)

github: CodeQL 2.24.0 adds Swift 6.2 and .NET 10 support, and improves file handling for minified JavaScript

GitHub

2026-01-29

CodeQL 2.24.0 is a new release of the static analysis engine used by GitHub code scanning. This update adds support for Swift 6.2, compatibility with .NET 10, and improves file handling for minified JavaScript to help detection and analysis of issues in those languages.

2025 (1)

November (1)

azure: [Launched] Generally Available: Azure WAF JavaScript challenge on Azure Front Door

Azure Updates

2025-11-11

Azure announced the general availability of a JavaScript (JS) challenge for Azure Web Application Firewall (WAF) on Azure Front Door to strengthen bot mitigation.