Tweet fijado
Node.js Security
776 posts
Node.js Security
@nodesecurity
Security team at @npmjs tweeting about JavaScript security.
Oakland, CA Se unió Şubat 2013
3 Siguiendo11K Seguidores
Automating Vulnerable Dependency Checking in CI Using Open Source by @varrunr
sec.okta.com/articles/2020/…
English
Node.js Security retuiteado
it’s official! we’re now a part of @github. excited for the next chapter of npm: buff.ly/2XQ7fjR
English
Node.js Security retuiteado
Big news! We’re excited to announce that @npmjs will be joining @GitHub! We're thrilled to join an organization as committed to open source as we are, so that the npm registry can remain free & public forever.
You can read more about this new chapter here: buff.ly/3aYygVf
English
Node.js Security retuiteado
Going live at 9AM PT! Will be talking about JavaScript ecosystem security and solutions you can get involved in.
Absolute AppSec@absoluteappsec
We’re live at noon EST / 9am PST with our very special guest @ronperris 😎! Feel free to ask questions on the YT live chat, in Slack (link on absoluteappsec.com) or email us at absoluteappsec@gmail.com. youtube.com/watch?v=2bs6gQ…
English
Did you ever want to know how a pentester makes their way from bug to exploit? Read about how @truesec found and exploited a bug in hot-formula-parser (CVE-2020-6836)
blog.truesec.com/2020/01/17/rev…
English
Please update your npm cli to v6.13.4 as soon as you can.
npm i npm -g
blog.npmjs.org/post/189618601…
English
Great writeup about a remote code execution (RCE) vulnerability in the Strapi framework and the quick response by the Strapi team. bittherapy.net/post/strapi-fr…
English
Node.js Security retuiteado
the npm security team has been hard at work building infrastructure to do behavioral analysis of npm packages at scale. vp of security, @adam_baldwin, explains what this entails (+ a sneak peek at the security insights API): buff.ly/35ct9hw
English
This Node.js Best Practices guide by @nodepractices has some great security guidance.
github.com/goldbergyoni/n…
English
Recent Study Estimates That 50% of Websites Using WebAssembly Apply It for Malicious Purposes
infoq.com/news/2019/10/W…
English
Node.js Security retuiteado
We get a lot of requests from people wanting to do research around malware in the Registry. It will be really exciting to see what the community does with this data!
npm@npmjs
for years, npm has maintained the most complete corpus of malware published on the npm registry. learn more about the malware corpus by the numbers & what to look for in our security insights api: buff.ly/32nG67g
English
Did you miss us? Well we're back and tweeting. The npm security team has taken over the nodesecurity twitter account and will be keeping you up to date on JavaScript security related happenings.
English
Node.js Security retuiteado
The Daily Swig speaks to npm’s @adam_baldwin about improving security for the world’s biggest repository of open source software packages
portswigger.net/daily-swig/the…
English
The Node Security Platform Service is shutting down tomorrow:
buff.ly/2KKjxAT
English
On 9/30 the Node Security Platform will stop working. Here’s what you can do:
buff.ly/2KKjxAT
English
The Node Security Platform is shutting down on 9/30: buff.ly/2KKjxAT
English
JavaScript’s definitive listing of known package vulnerabilities is moving to @npmjs Here’s how to use it:
buff.ly/2KKjxAT
English
HashWick - a new vulnerability found by @indutny - impacts all v8js releases.
English
Are you prepared to move on from the Node Security Platform service? Here’s what you can do:
buff.ly/2KKjxAT
English
🔒node.js security release, time to update. nodejs.org/en/blog/vulner…
English