Exposed MongoDB instances still targeted in data extortion attacks

A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data.
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
GitHub

JavaScript workshop for first-time JS programmers.

Welcome to the world of JavaScript! This workshop is designed to help you get started with programming in JavaScript. Today, we'll cover the basics of JavaScript syntax. JavaScript, despite its ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
GitHub

Modern JavaScript runtime in Python

Note: jsrun is under development. Expect breaking changes between minor versions. One of the most compelling use cases for jsrun is building safe execution environments for AI agents. When LLMs ...