The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its ...
The Hacker News

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by ...
Engadget

NordVPN review 2025: Innovative features, a few missteps

When we say that NordVPN is a good VPN that's not quite great, it's important to put that in perspective. Building a good VPN is hard, as evidenced by all the shovelware VPNs flooding the market.
Developer Tech

Node.js 24: A faster, sleeker JavaScript experience

Node.js 24 has officially arrived, and it’s bringing a rather tasty selection of improvements to the table. If you’re a developer knee-deep in web apps or wrestling with asynchronous code, this ...
GitHub

Certain build processes for libuv and Node.js for 32-bit...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Microsoft

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...
Bleeping Computer

Western Alliance Bank notifies 21,899 customers of data breach

Arizona-based Western Alliance Bank is notifying nearly 22,000 customers their personal information was stolen in October after a third-party vendor's secure file transfer software was breached.
SecurityWeek

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. Two critical-severity vulnerabilities in the Mongoose Object ...
InfoQ

Vite 6 Released: New Environment API Helps Supporting Edge Use Cases

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. This article dives into the happens-before ...
Hacker

Node.js v23.0.0 Released: The End of 32-bit Windows Support

I am a full-stack developer passionate about building scalable and performant web applications using the MERN stack.
InfoWorld

File handling in server-side JavaScript

In server-side JavaScript, you will most likely use the fs library for dealing with the filesystem. This library is a module in Node and other platforms like Bun. So you don’t need to install it using ...