The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
GitHub

Parses URLSearchParams to JavaScript objects according to Zod schemas.

$ git clone https://github.com/seamapi/url-search-params-parser.git $ cd url-search-params-parser $ nvm install $ npm install $ npm run test:watch ...
IEEE

Log Sequence Anomaly Detection Based on Template and Parameter Parsing via BERT

Abstract: Logs record various operations and events during system running in text format, which is an essential basis for detecting and identifying potential security threats or system failures, and ...
IEEE

Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...