Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
This is the official Neo4j driver for JavaScript. Starting with 6.0, the Neo4j Drivers is no longer on a monthly release cadence. Minor version releases will happen when there are sufficient new ...
Fix concurrency issue when acquiring network channels. This avoids messages being deliver out of order which would slow down the write path because the log matching would force a message to be recent.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results