Hackaday

PhantomRaven Attack Exploits NPM’s Unchecked HTTP URL Dependency Feature

Having another security threat emanating from Node.js’ Node Package Manager (NPM) feels like a weekly event at this point, ...
Bleeping Computer

Malicious NPM package uses Unicode steganography to evade detection

A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. The ...
SecurityWeek

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. Two critical-severity vulnerabilities in the Mongoose Object ...
GitHub

URL encoding for passwords in MongoDB connection strings

I am writing to request a feature enhancement related to the handling of passwords in MongoDB connection strings. Currently, when a password contains special characters (in my case, %), it can cause ...
GitHub

nikodiaz/url-shortener-api

Acortador de URLs simple construído con Node.js, Express, y MongoDB. La API permite acortar URLs largas y redirigir a la URL original utilizando el enlace corto generado.
Harvard Business Review

Bad Data Costs the U.S. $3 Trillion Per Year

Consider this figure: $136 billion per year. That’s the research firm IDC’s estimate of the size of the big data market, worldwide, in 2016. This figure should surprise no one with an interest in big ...