Node.js and the "HashWick" vulnerability
This week, the HashWick vulnerability affecting all versions of V8 was publicly disclosed. Read on to see how the vulnerability affects Node.js.
Node.js Security Release Summary - August 2018
Updates shipped for all active Node.js release lines, several low-severity vulnerabilities. Find out how the update impacts you.
A High Level Post Mortem of the eslint-scope Security Incident
A post mortem of the incident surrounding eslint-scope, in which additional code was published with the module to
Node.js Security Release Summary - June 2018
Yesterday updates shipped for all active Node.js release lines, patching five Denial of Service vulnerabilities. Find out how the update impacts you.
Node.js Security Release Summary - March 2018
Today updates shipped for all active Node.js release lines, patching several vulnerabilities with ranging severity. Find out how the update impacts you.
Understanding Vulnerabilities in Node.js Applications with N|Solid
Take a deep dive into the N|Solid dashboard and the in-production Node.js vulnerability monitoring tooling it provides.
Creating and Saving Views in N|Solid 3.0
Learn to create and save custom views to monitor your Node.js processes vulnerabilities in N|Solid 3.0.
The State of Node.js Security in 2017
We've partnered with Sqreen to survey Node.js developers about their experience and practice with Node.js security - and the results were abysmal.
Node.js Security Release Summary - November 2017
A summary and impact assessment of the OpenSSL release applied to Node.js for ALL active release lines - Node.js 4, 6, 8, and 9.
Node.js Security Release Summary - October 2017
A summary of the Denial of Service (DOS) security vulnerability patched in Node.js core on ALL active release lines - Node.js 4, 6, and 8.
Node.js Security Release Summary - September 2017
The Node.js team has released a semver minor update for the Node.js 8.x release line, patching a security vulnerability in Node.js 8.5.0.
How to Reduce Risk and Improve Security Around npm
With recent security issues around npm, we wanted to share tools, resources, and projects to help cover your apps and services that depend on npm modules.