Node.js

Severe remote code execution vulnerability in Node.js library: Update immediately

On: March 16, 2022

In: Vulnerabilities

Tagged: Common Vulnerability Scoring System (CVSS), Cyberattack, cybercrime, cybersecurity, GitHub, Hacking, incident, incidents, Information Security, MongoDb, Node.js, Parse Server, PostgreSQL, remote code execution (RCE), vulnerability

Cybersecurity specialists recommend users of Parse Server, a popular API server module for Node/Express, immediately apply a fix for a newly detected remote code execution (RCE) vulnerability. Identified by securityRead More →

NPM libraries with millions of downloads were poisoned with backdoor malware. Audit your web applications

On: November 5, 2021

In: Cyber Security

Tagged: Amazon, backdoor, Command-Option-Argument (coa), Cyberattack, cybersecurity, facebook, GitHub, Hacking, Information Security, malware, Microsoft, Node.js, npm, Open Source

A security report notes that Command-Option-Argument (coa), the popular npm library, has been infiltrated with a malicious backdoor code, which could have severe consequences worldwide. This library is downloaded aboutRead More →