Blog Archive

Vulnerability Insights

Fixing a Prototype Override Protection Bypass Vulnerability in qs

March 14, 2017

Vulnerability Insights

The Frequency of Known Vulnerabilities in JavaScript Libraries

March 9, 2017

Vulnerability Insights

Fixing XXE Vulnerabilities in Nokogiri

February 14, 2017

Vulnerability Insights

Understanding Responsible Disclosures

January 31, 2017

Vulnerability Insights

Regular Expression Denial of Service (ReDoS) and Catastrophic Backtracking

January 17, 2017

Vulnerability Insights

The MongoDB hack and the importance of secure defaults

January 10, 2017

Vulnerability Insights

Fixing a Remote Code Execution Vulnerability in EJS

November 30, 2016

Vulnerability Insights

Fixing Serverless Security Vulnerabilities

October 20, 2016

Vulnerability Insights

Fixing SQL Injection: ORM is not enough

June 8, 2016

Vulnerability Insights

Fixing `marked` XSS vulnerability

May 15, 2016

Vulnerability Insights

Mitigating ImageMagick vulnerabilities in Node.js

May 6, 2016

Vulnerability Insights

Exploiting Buffer

April 5, 2016

Vulnerability Insights

How to prevent malicious packages

March 27, 2016

Vulnerability Insights

Using Node.js event loop for timing attacks

February 16, 2016