nodejs

Where did these mysterious PrismJS npm versions come from?

Shedding light on mysterious 9000.0.x versions of PrismJS that had left everyone puzzled in 2015, and weren't removed until 2019.

4 years ago

DoS flaw lets attackers crash NodeJS apps via DNS lookups

NodeJS has released fixes for CVE-2020-8277, a DoS vulnerability that could be triggered via DNS requests.

4 years ago

‘CursedGrabber’ Discord malware possibly linked to Russian and Ukrainian hackers

Newly discovered Discord malware "CursedGrabber" has possible links to Russia and Ukraine. It was found infiltrating the npm open source…

4 years ago

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These "typosquatting" packages served no purpose other…

4 years ago

20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability

More than 20,000 GitHub projects rely on the Node.js standard-version utility to implement semantic versioning (semver) and for generating CHANGELOG…

4 years ago

This website uses cookies.