Do Son
A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...
Node.js
A critical vulnerability has been uncovered in the @nestjs/devtools-integration packageβa component of the popular NestJS framework for...
In a major cybersecurity revelation, Check Point Research (CPR) has disclosed the full scale of a stealthy...
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...
The OpenJS Foundation has released important updates to Node.js 24.x, 22.x, and 20.x release lines, addressing two...
Two high-impact security advisories have been released for the pbkdf2 npm packageβan essential utility in the JavaScript...
A critical vulnerability in AWS Amplifyβs UI generation tool, @aws-amplify/codegen-ui, is putting developersβand their build pipelinesβat serious...
A study titled “Eradicating the Unseen” reveals the widespread presence of a critical path traversal vulnerability (CWE-22)...
With over 26.3 million monthly downloads, Multer is a go-to middleware for handling multipart/form-data in Node.jsβespecially for...
Node.js Alerts: High-Severity Flaw (CVE-2025-23166) Risks Remote System Crashes! Update Immediately!
Node.js Alerts: High-Severity Flaw (CVE-2025-23166) Risks Remote System Crashes! Update Immediately!
In an important security announcement released recently, the Node.js team has rolled out vital updates for its...
A new supply chain attack has been uncovered by Socket’s Threat Research Team, targeting developers who create...
Microsoft Defender Experts (DEX) has observed a rise in malicious campaigns that use Node.js to deliver malware...
Two critical vulnerabilities have been identified in the xml-crypto library, a popular Node.js library for XML digital...
In a significant shift in its vulnerability management approach, the Node.js team has decided to extend Common...
The Node.js project has released updates to address several security vulnerabilities, including a high-severity flaw that could...
In a significant move to bolster security and encourage users to stay up-to-date, the Node.js Project has...
A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package,...
CYFIRMA recently identified “Wish Stealer,” a new Node.js-based malware that targets Windows users by stealing sensitive information...
The Node.js Project has released a security update to address multiple vulnerabilities, including a high-severity flaw that...
MySQL2, a popular MySQL client library for Node.js with over 2 million monthly downloads, has been found...