Node.js 25: Escapes from JavaScript sandbox vm2 conceivable

The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Business Wire

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...
InfoWorld

The best JavaScript certifications for getting hired

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...
InfoWorld

Is your Node.js project really secure?

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...
GitHub

Auto Node.js runtime metrics integration

Event Loop Delay node.runtime.event_loop.delay.min gauge node.runtime.event_loop.delay.max gauge node.runtime.event_loop.delay.mean gauge node.runtime.event_loop ...
Bleeping Computer

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and ...
MarketWatch

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

The MarketWatch News Department was not involved in the creation of this content. -- ThreatDown's EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the ...