The Node.js Secure Coding Blog

How JavaScript developers should embrace npm security
The npm ecosystem is a minefield of security risks. How can JavaScript developers protect from these threats and adopt npm security best practices? Here's how.
Apr 17, 2024 ~ 6 min read
npm
security
supply chain security
The XZ backdoor CVE-2024-3094: a JavaScript perspective
The XZ backdoor CVE-2024-3094 already happened in JavaScript 5 years ago but now the xz and liblzma malware bundled onto Linux distributions is bringing forth a world-wide threatening event in cybersecurity that jeopardizes the trust, sustainability and security concerns in the open-source ecosystem.
Mar 31, 2024 ~ 8 min read
event-stream
xz
cve-2024-3094
backdoor
supply chain security
Node.js Security Best Practices
Level up your Node.js security game! This guide explores essential best practices to safeguard your server-side code and build robust, secure applications.
Mar 15, 2024 ~ 6 min read
nodejs
secure
configuration
The Case for Node.js Secure Configuration
How do you maintain Node.js secure configuration? Learn how to protect your Node.js applications from vulnerabilities and unauthorized access.
Mar 9, 2024 ~ 6 min read
nodejs
secure
configuration
Protecting Against Common Node.js Vulnerabilities
Node.js applications can be vulnerable to issues like command injection, path traversal, and insecure APIs. Learn how to avoid these common Node.js security pitfalls.
Mar 1, 2024 ~ 3 min read
nodejs
vulnerabilities
security
Input Validation Security Best Practices for Node.js
Building secure node.js applications starts with applying essential input validation best practices and techniques to prevent common security vulnerabilities.
Feb 27, 2024 ~ 4 min read
nodejs
security
owasp

Newer posts

Older posts