The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
GitHub

AKS Node Image Builder

Driver 535 works on both K80 and V100 but 470 is more stable on K80s. The install script auto-detects and picks the right one. Images should be rebuilt monthly or when critical CVEs drop. The GitHub ...
GitHub

VWO Feature Management and Experimentation SDK for Node.js and JavaScript(Browser)

The VWO Feature Management and Experimentation SDK (VWO FME Node SDK) enables Node.js and JavaScript developers to integrate feature flagging and experimentation into their applications. This SDK ...
IEEE

Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...