We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

JavaScript

Google fixes another Chrome security flaw being actively exploited
Tech Optimizer
July 11, 2025

Google fixes another Chrome security flaw being actively exploited

Google has addressed a critical vulnerability in its Chrome browser, identified as CVE-2025-6554, which is the fourth zero-day exploit uncovered this year. This high-severity flaw originates from a type confusion bug within Chrome's V8 JavaScript engine, allowing attackers to execute malicious code or access sensitive areas of a system. Google has rolled out an emergency update for Chrome users across Windows, Mac, and Linux platforms. The latest stable versions addressing this exploit are 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac, and 138.0.7204.96 for Linux. Users are urged to update their browsers and verify they are running the most recent version. Additionally, it is recommended to install reliable antivirus software for enhanced protection against cyber threats.
Microsoft enables JScript9Legacy scripting engine to improve Windows 11 security
Winsage
July 11, 2025

Microsoft enables JScript9Legacy scripting engine to improve Windows 11 security

Microsoft is phasing out JScript in Windows 11 24H2 in favor of JScript9Legacy to enhance security. JScript9Legacy is enabled by default and will manage all scripting processes previously reliant on JScript without requiring user action. This new scripting engine offers improved performance, compatibility with modern web standards, and advanced security features to mitigate risks such as cross-site scripting (XSS). The transition is designed to be seamless, although Microsoft has not provided procedures for reverting to JScript if compatibility issues arise. The change is limited to Windows 11 24H2, with no updates planned for earlier Windows versions.
Windows 11 24H2 standardizes its scripting engine
Winsage
July 11, 2025

Windows 11 24H2 standardizes its scripting engine

Microsoft has announced that starting with Windows 11 version 24H2, the JScript9Legacy engine will be enabled by default for all scripting processes that previously relied on the classic JScript engine. This new engine offers improved protection against threats like cross-site scripting (XSS) and enhances performance. Users will not need to take any action, as existing scripts will continue to function normally. In case of compatibility issues, organizations can revert to the previous engine temporarily. The transition marks the retirement of JScript, which has been part of Windows since 1996, as it is now considered outdated and vulnerable. Microsoft has decided to discontinue support for JScript due to the retirement of Internet Explorer and the adoption of the Edge browser. This update applies only to Windows 11 version 24H2 and later, while older versions will still use the original JScript engine.
Windows 11 now uses JScript9Legacy engine for improved security
Winsage
July 11, 2025

Windows 11 now uses JScript9Legacy engine for improved security

Microsoft has replaced the default scripting engine JScript with JScript9Legacy in Windows 11, version 24H2 and beyond to enhance security against web threats, particularly cross-site scripting (XSS) vulnerabilities. JScript, which has been in use since 1996, has become outdated and non-compliant with modern security standards. JScript9Legacy is designed to meet legacy scripting needs while improving security and compatibility. The transition to JScript9Legacy will occur automatically for users, and existing scripts should continue to function without disruption. If compatibility issues arise, users can revert to the previous engine with support from Microsoft.
If you haven't upgraded to Windows 11 24H2 yet, Microsoft's giving you a good reason to do so
Winsage
July 10, 2025

If you haven’t upgraded to Windows 11 24H2 yet, Microsoft’s giving you a good reason to do so

Microsoft has rolled out version 24H2 of Windows 11, enhancing its security framework by updating the scripting engine from JScript to JScript9Legacy. This upgrade improves performance for applications and web pages using JScript and reduces the likelihood of security breaches, particularly from cross-site scripting (XSS) and web-based attacks. The new engine features enhanced management of JavaScript objects and stricter execution policies, increasing resilience against malicious scripts. Windows 11 24H2 has a more robust security posture than its predecessor, 23H2, and the upgrade will become compulsory. Windows 11 25H2 is expected to include similar security improvements.
Microsoft Edge Can Now Load Websites Faster After Migration to WebUI 2.0
Winsage
July 8, 2025

Microsoft Edge Can Now Load Websites Faster After Migration to WebUI 2.0

Microsoft Edge has improved its web browser's loading speed, achieving a global First Contentful Paint (FCP) time of under 300 milliseconds, down from previous times that negatively impacted user satisfaction. Since February 2025, load times have been reduced by an average of 40 percent, with significant enhancements in features such as Settings, Read Aloud, and Split Screen. The migration to WebUI 2.0 has contributed to this improvement, reducing the Settings page load time from 0.394 seconds to 0.034 seconds. Microsoft plans to continue enhancing performance in features like Extensions and Print Preview in the coming months.
Microsoft Edge UI Now 40% Faster on Average, Key UI Elements Load Up to 4x Quicker
Winsage
July 8, 2025

Microsoft Edge UI Now 40% Faster on Average, Key UI Elements Load Up to 4x Quicker

Microsoft has updated its Edge browser, achieving a First Contentful Paint (FCP) of under 300 milliseconds by using its WebUI 2.0 architecture instead of the traditional React framework, resulting in a 40% average reduction in load times for thirteen core features. The updated settings UI shows a fourfold improvement in performance compared to the previous version. This release builds on enhancements from May 2024, which improved launch times by 42-76%, and an optimization effort in February 2025 that targeted fourteen interface subsystems. Internal tests confirm the settings panel now consistently renders in under 300 ms. Microsoft plans to extend these performance improvements to Print Preview and Extensions management throughout 2025.
Microsoft Edge is now faster than ever — again — with 40% quicker load speeds
Winsage
July 8, 2025

Microsoft Edge is now faster than ever — again — with 40% quicker load speeds

Microsoft Edge has introduced a significantly improved user interface with a First Contentful Paint (FCP) time of under 300 milliseconds. Since February, load times have been reduced by an average of 40% across 13 features, including enhanced settings navigation, an AI-powered Read Aloud feature with multi-language support, a Split Screen function for seamless task transitions, and more responsive Workspaces. These improvements are attributed to the implementation of WebUI 2.0, which streamlines code bundles and reduces JavaScript for UI initialization. The Edge team also reported a 9% increase in speed as measured by Speedometer 3.0 earlier this year. Additional features like sleeping tabs and startup boost have been added to enhance performance, with plans for further improvements in Print Preview and Extensions.
Microsoft’s Edge browser now loads sites even faster
Winsage
July 8, 2025

Microsoft’s Edge browser now loads sites even faster

Microsoft has announced significant enhancements to the Edge browser, achieving a First Contentful Paint (FCP) of under 300 milliseconds, which improves user interface responsiveness. This performance metric indicates that the browser can display initial website elements in less than 300 milliseconds. Microsoft emphasizes that waiting longer than 300 to 400 milliseconds can negatively affect user satisfaction. Edge currently holds less than five percent of the global browser market share, while Chrome has 68 percent. Recent upgrades include faster downloads, browsing history, and private tabs, with improvements to 13 additional features. Microsoft plans to introduce further performance enhancements targeting Print Preview and Extensions in the coming months.
XWorm RAT Deploys New Stagers and Loaders to Bypass Defenses
Tech Optimizer
July 7, 2025

XWorm RAT Deploys New Stagers and Loaders to Bypass Defenses

The XWorm Remote Access Trojan (RAT) has evolved its attack strategies by incorporating advanced stagers and loaders to evade detection. It is known for its capabilities, including keylogging, remote desktop access, data exfiltration, and command execution, and is particularly targeted at the software supply chain and gaming sectors. Recent campaigns have paired XWorm with AsyncRAT for initial access before deploying ransomware using the leaked LockBit Black builder. XWorm utilizes various file formats and scripting languages for payload delivery, often through phishing campaigns with deceptive lures like invoices and shipping notifications. It employs obfuscation techniques, including Base64 encoding and AES encryption, and manipulates Windows security features to avoid detection. Persistence mechanisms such as registry run keys and scheduled tasks ensure sustained access. XWorm conducts system reconnaissance, queries for antivirus software, and attempts to disable Microsoft Defender. It can propagate via removable media and execute commands from command-and-control servers. The Splunk Threat Research Team has developed detections for suspicious activities related to XWorm infections. Indicators of compromise include various file hashes for different scripts and loaders associated with XWorm.
Search