Modern JavaScript teams do not just need more vulnerability reports. They need dependency decisions that developers can ...
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. These packages, given ...
Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and execute arbitrary code. A critical vulnerability has been patched in vm2, a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results