InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
GitHub

Mearman/Unicode-TeX-Character-Converter

Initially, this library was designed to assist with the conversion of content within BibTeX files. However, its utility extends to any scenario requiring conversion between Unicode and LaTeX/BibTeX ...
IEEE

HeVulD: A Static Vulnerability Detection Method Using Heterogeneous Graph Code Representation

Abstract: Vulnerability detection in source code has been a focal point of research in recent years. Traditional rule-based methods fail to identify complex and unknown vulnerabilities, leading to ...
The Hacker News

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT. The names of the packages, all of which were ...