Critical flaw in new tool could allow attackers to steal data at will from developers working with untrusted repositories.

JavaScript injection attacks surged in 2024, hitting major brands via Polyfill.io. Learn why frameworks failed.