by Azalio tdshpsk | Feb 11, 2022 | Security
The popular NPM registry of JavaScript packages was described as a playground for malicious actors by software scanning services provider WhiteSource Software, which has published a report of its vulnerability analysis of the registry.The WhiteSource research report,...
by Azalio tdshpsk | Jan 22, 2022 | Security
This point release arriving January 20, 2022, just days after Rust 1.58, fixes a race condition in the std::fs::remove_dir_all standard library function. This vulnerability is tracked at CVE-2022-21658 and there was an advisory published. An attacker could use this...
by Azalio tdshpsk | Jan 20, 2022 | Security
Whitfield Diffie and Martin Hellman were outsiders in the field of cryptography when they devised a scheme hitherto unknown: The ability to establish secure communications over public channels between two parties that don’t know each other.The algorithm they presented...
by Azalio tdshpsk | Jan 20, 2022 | Security
In the wake of a recent incident that wreaked havoc on the NPM package registry, a new group of maintainers is reestablishing the Faker project, making it a community effort. The previous maintainer had sabotaged the Faker NPM package with malicious code, impacting...
