The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...
InfoWorld

Intro to Express.js: Endpoints, parameters, and routes

Express is a popular HTTP server and middleware platform for Node.js, and here you'll learn some of the top reasons why. Get started with request handling and more in Express.js. Express.js is the ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
InfoWorld

Bundling with the Bun.js bundler

Bun.js is the drop-in replacement for Node that now comes with a blazingly-fast bundler. Here's a first look at bundling with Bun.js. Bun.js is an exciting new project in the JavaScript ecosystem that ...
CSOonline

How to block malicious JavaScript files in Windows environments

Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how. There have been several recent reports of fake ...
Computerworld

Blocking JavaScript can stop some Windows malware

Email attachments are probably the most common mechanism for infecting a Windows computer. As potential victims get wise to the tried and true infection schemes, bad guys have a relatively new wrinkle ...