This article from Tech News World looks at shadow code, which third-party scripts and libraries often add to web applications without security validation, and the risks it poses to websites. The article includes an interview with Jonathan Tanner, senior security researcher at Barracuda.