Threat actors may abuse various implementations of JavaScript for execution. JavaScript (JS) is a platform-independent scripting language (compiled just-in-time at runtime) commonly associated with scripts in webpages, though JS can be executed in runtime environments outside the browser.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.