Security news aggregator

Latest coverage for Node.js

Stay updated on Node.js security with the latest trends, vulnerabilities, and mitigation strategies in the information security world.


Tag briefing

Background for this topic.

Node.js is an open-source, cross-platform, back-end JavaScript runtime environment that runs on the V8 engine and executes JavaScript code outside a web browser. It is known for its event-driven architecture and non-blocking I/O, which make it efficient and well suited to building scalable network applications.

In the context of information security, Node.js plays a significant role as it's widely used to develop various web services that can be targets for cyberattacks. While Node.js itself is considered secure, applications built on it can be vulnerable due to poor coding practices, third-party modules with security flaws, or outdated versions of the Node.js environment. Security concerns with Node.js often involve issues like cross-site scripting (XSS), cross-site request forgery (CSRF), remote code execution, and dependencies with known vulnerabilities. Implementing robust security measures like input validation, secure handling of sessions and cookies, and keeping dependencies updated is essential in mitigating risks associated with Node.js applications.


A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credentials from GitHub, cloud platforms, and local machines, then spreads like a worm by republishing trusted packages. Discover how the attack works, what data is at risk, and the steps you can take to protect your organization. The post Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign appeared first on Microsoft Security Blog.

Security Affairs 3 days, 8 hours ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks; TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io; RemotePE: The Lazarus RAT that lives […]

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and detection opportunities to help organizations identify and disrupt related activity. The post Malicious npm packages abuse dependency confusion to profile developer environments appeared first on Microsoft Security Blog.

Microsoft Security Research 5 days, 20 hours ago

Typosquatted npm packages used to steal cloud and CI/CD secrets

The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity. The post Typosquatted npm packages used to steal cloud and CI/CD secrets appeared first on Microsoft Security Blog.

Security Affairs 1 week, 3 days ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Popular node-ipc npm Package Infected with Credential Stealer; New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here; Active Supply Chain Attack Compromises @antv Packages on npm; actions-cool/issues-helper GitHub Action Compromised: All Tags Point to […]

Bank Info Security 1 week, 6 days ago

Breach Roundup: Shai-Hulud Copycat Hits npm

Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug Spam

This week, more incidents than we can list here. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven story. A MENA crackdown.

Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kubernetes, Vault, npm, and 1Password platforms. The post Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft appeared first on Microsoft Security Blog.
