Node.js Security
@nodesecurity
Followers: 11K | Following: 143 | Media: 40 | Statuses: 776
Security team at @npmjs tweeting about JavaScript security.
Oakland, CA
Joined February 2013
Automating Vulnerable Dependency Checking in CI Using Open Source by @varrunr
https://t.co/hY4D6fjny5
it’s official! we’re now a part of @github. excited for the next chapter of npm: https://t.co/j19Tv3VLsI
Big news! We’re excited to announce that @npmjs will be joining @GitHub! We're thrilled to join an organization as committed to open source as we are, so that the npm registry can remain free & public forever. You can read more about this new chapter here: https://t.co/xjInDE46io
Going live at 9AM PT! Will be talking about JavaScript ecosystem security and solutions you can get involved in.
We’re live at noon EST / 9am PST with our very special guest @ronperris 😎! Feel free to ask questions on the YT live chat, in Slack (link on https://t.co/hxhFuGOFez) or email us at absoluteappsec@gmail.com. https://t.co/5p7RICiSxU
Did you ever want to know how a pentester makes their way from bug to exploit? Read about how @truesec found and exploited a bug in hot-formula-parser (CVE-2020-6836) https://t.co/vopwYujwBF
Please update your npm cli to v6.13.4 as soon as you can. npm i npm -g https://t.co/jVRZdRXqU9
Great writeup about a remote code execution (RCE) vulnerability in the Strapi framework and the quick response by the Strapi team.
bittherapy.net
CVE: CVE-2019-19609 Vendor: Strapi (https://strapi.io) Product: Strapi Framework Version Affected: strapi-3.0.0-beta.17.7 and earlier Fix PR: https://github.com/strapi/strapi/pull/4636 NPM Advisory:...
the npm security team has been hard at work building infrastructure to do behavioral analysis of npm packages at scale. vp of security, @adam_baldwin, explains what this entails (+ a sneak peek at the security insights API): https://t.co/cjgDSgIwTx
This Node.js Best Practices guide by @nodepractices has some great security guidance. https://t.co/q1omG4DC38
Recent Study Estimates That 50% of Websites Using WebAssembly Apply It for Malicious Purposes https://t.co/X62z6jm98q
infoq.com
A study published in June 2019 reveals that in the Alexa Top 1 million websites, one out of 600 sites executes WebAssembly (Wasm) code. The study moreover finds that over 50% of those sites using...
We get a lot of requests from people wanting to do research around malware in the Registry. It will be really exciting to see what the community does with this data!
for years, npm has maintained the most complete corpus of malware published on the npm registry. learn more about the malware corpus by the numbers & what to look for in our security insights api: https://t.co/BQhROw7gsM
Did you miss us? Well we're back and tweeting. The npm security team has taken over the nodesecurity twitter account and will be keeping you up to date on JavaScript security related happenings.
The Daily Swig speaks to npm’s @adam_baldwin about improving security for the world’s biggest repository of open source software packages https://t.co/2xi6QEJmUn
portswigger.net
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.
The Node Security Platform Service is shutting down tomorrow: https://t.co/F6ThtOVI61
On 9/30 the Node Security Platform will stop working. Here’s what you can do: https://t.co/F6ThtOVI61
JavaScript’s definitive listing of known package vulnerabilities is moving to @npmjs. Here’s how to use it: https://t.co/F6ThtOVI61
HashWick - a new vulnerability found by @indutny - impacts all v8js releases.
Are you prepared to move on from the Node Security Platform service? Here’s what you can do: https://t.co/F6ThtOVI61
🔒node.js security release, time to update.
nodejs.org
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.