Ars Technica

.pac file/proxy management

I need to use a juniper VPN tunnel to access certain applications. When that tunnel is active, I need to have IE point to a pac file behind the VPN. That is all fine and dandy. Until of course, I ...
Threat Post

Attackers Using Malicious PAC Files in Phishing Attacks

Malware authors have developed a new, and frighteningly effective, tactic that uses a feature built into all of the modern browsers to redirect users to malicious sites without their knowledge or ...
Threat Post

WPAD Flaws Leak HTTPS URLs

Sniffing HTTPS URLs with malicious PAC files gets easier with a new technique that exploits flaws in the Web Proxy AutoDiscovery protocol. LAS VEGAS — Researchers have found flaws in the Web Proxy ...
ZDNet

This NPM package with millions of weekly downloads has fixed a remote code execution flaw

A very popular NPM package called 'pac-resolver' for the JavaScript programming language has been fixed to address a remote code execution flaw that could affect a lot of Node.js applications. The ...
Graham Cluley

Update now! Bug means large PAC files can crash Android phones

A security hole allows attackers to crash Android phones and force them to soft-reboot. Discovered by Nightwatch Cybersecurity software engineer Yakov Shafranovich, the bug hinges on what are known as ...