[HackerNews] Critical Bug Reported in NPM Package With Millions of Downloads Weekly

A widely used NPM package called ‘Pac-Resolver’ for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. 
The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Facebook gives Kazakhstan government direct access to content reporting system

All posts, ZDNet

Facebook and the Kazakhstan government have agreed to counter the spread of content deemed as harmful and illegal. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ZDNet] Microsoft: Zero Trust security just hit the mainstream

All posts, ZDNet

If you work in cybersecurity and you don’t know about Zero Trust, you’re among a very small minority, according to a Microsoft survey. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ZDNet] Breached companies facing higher interest rates and steeper collateral requirements

All posts, ZDNet

A study found that companies dealing with data breaches later faced increased scrutiny from banks. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.