Security team at @npmjs tweeting about JavaScript security.
Joined February 2013
- Tweets 776
- Following 3
- Followers 11,010
- Likes 142
40 Photos and videos
9 Jul 2020
Automating Vulnerable Dependency Checking in CI Using Open Source by @varrunr
sec.okta.com/articles/2020/0…
5
it’s official! we’re now a part of @github. excited for the next chapter of npm: buff.ly/2XQ7fjR
22
424
1,737
Big news! We’re excited to announce that @npmjs will be joining @GitHub! We're thrilled to join an organization as committed to open source as we are, so that the npm registry can remain free & public forever.
You can read more about this new chapter here: buff.ly/3aYygVf
49
1,345
2,971
Node.js Security retweeted
6 Feb 2020
Going live at 9AM PT! Will be talking about JavaScript ecosystem security and solutions you can get involved in.
6 Feb 2020
We’re live at noon EST / 9am PST with our very special guest @ronperris 😎! Feel free to ask questions on the YT live chat, in Slack (link on absoluteappsec.com) or email us at absoluteappsec@gmail.com.
youtube.com/watch?v=2bs6gQjL…
3
9
22 Jan 2020
Did you ever want to know how a pentester makes their way from bug to exploit? Read about how @truesec found and exploited a bug in hot-formula-parser (CVE-2020-6836)
blog.truesec.com/2020/01/17/…
1
2
9
12 Dec 2019
Please update your npm cli to v6.13.4 as soon as you can.
npm i npm -g
blog.npmjs.org/post/18961860…
8
102
123
5 Dec 2019
Great writeup about a remote code execution (RCE) vulnerability in the Strapi framework and the quick response by the Strapi team. bittherapy.net/post/strapi-f…
2
2
the npm security team has been hard at work building infrastructure to do behavioral analysis of npm packages at scale. vp of security, @adam_baldwin, explains what this entails ( a sneak peek at the security insights API): buff.ly/35ct9hw
6
10
5 Nov 2019
This Node.js Best Practices guide by @nodepractices has some great security guidance.
github.com/goldbergyoni/node…
13
38
4 Nov 2019
Recent Study Estimates That 50% of Websites Using WebAssembly Apply It for Malicious Purposes
infoq.com/news/2019/10/WebAs…
4
7
Node.js Security retweeted
16 Oct 2019
We get a lot of requests from people wanting to do research around malware in the Registry. It will be really exciting to see what the community does with this data!
for years, npm has maintained the most complete corpus of malware published on the npm registry. learn more about the malware corpus by the numbers & what to look for in our security insights api: buff.ly/32nG67g
2
9
8 Oct 2019
Did you miss us? Well we're back and tweeting. The npm security team has taken over the nodesecurity twitter account and will be keeping you up to date on JavaScript security related happenings.
9
38
Node.js Security retweeted
8 Oct 2019
The Daily Swig speaks to npm’s @adam_baldwin about improving security for the world’s biggest repository of open source software packages
portswigger.net/daily-swig/t…
3
8
24 Sep 2018
On 9/30 the Node Security Platform will stop working. Here’s what you can do:
buff.ly/2KKjxAT
1
3 Sep 2018
JavaScript’s definitive listing of known package vulnerabilities is moving to @npmjs Here’s how to use it:
buff.ly/2KKjxAT
7
5
20 Aug 2018
Are you prepared to move on from the Node Security Platform service? Here’s what you can do:
buff.ly/2KKjxAT
2
2