Node.js: Updated versions patch high-risk security vulnerabilities

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...
PC World

Joyent polishes Node.js with commercial support package

Recognizing the growing popularity of Node.js for building distributed Web applications, cloud provider Joyent will soon offer a commercial support package for managing the platform, wherever it is ...
ZDNet

GitHub tackles severe vulnerabilities in Node.js packages

GitHub has resolved numerous vulnerabilities in Node.js packages tar and @npmcli/arborist, with the worst allowing file overwrites and arbitrary code execution. On Wednesday, GitHub said the company ...
MyBroadband

Researchers discover rogue Node.js packages stealing data

Security researchers from ReversingLabs discovered that 25 software packages available through the node package manager (NPM) have been stealing end-user data. NPM is the world’s largest open-source ...
SiliconANGLE

NodeSource’s newest tool aims to make the Node.js ecosystem more secure

NodeSource Inc. has taken it upon itself to help the thousands of organizations that use Node.js make their applications more secure. The startup, which was founded three years ago to commercialize ...