Disabling JS is incredibly beneficial for browser performance, battery life, privacy/tracking protection. As an added bonus, it protects you from malware from all the vulnerabilities in Javascript engines.
Which vulnerabilities in the past few years were actually used as a way to propagate malware (Not targeted 0-days)? Even with a JS engine vulnerability, you'd still need a sandbox escape to do something useful with it
Most of the vulnerabilities I've seen that could infect your machine from a website require JS to work and most of those had nothing to do with the engine itself. Sandbox escapes are extremely common. Chrome patched one that'd been being actively exploited just last week
It also makes a lot of basic features on websites unusable. Just an HN vote uses JS. They deliberately added a fallback to work without it too, which most websites won't do, but it still has to reload the page.
Because of my job I end up browsing the web with JS disabled by default and 90% of the time I don't need JS at all. Most of the time there are features of websites that break/don't work (menus, search, videos, ads, etc) but the actual thing I went to the website to get works just fine. In fact, pages load much faster and look much cleaner!
There are some annoying websites that can't manage to display simple text or even a basic image without JS (which is just bad web designers doing bad web design) and some instances where the content I need is obscured by something that doesn't behave without JS (like an expanding menu spewed out all over the place because JS isn't there to hide what hasn't been selected/hovered over) but in those cases it's usually just 2 clicks to solve the issue (either for just that visit or for every visit to that domain in the future as well) so it's not really a big deal. I'm currently using HN without JS and it's great.
