Exploiting Node.js Deserialization Bug for Remote Code Execution

tl;dr Untrusted data passed into unserialize() function in node-serialize module can be exploited to achieve arbitrary code execution by passing a serialized JavaScript Object with an Immediately invoked function expression (IIFE). The Bug During a Node. Read more

Read full article

Similar

We Moved from Golang to Node.js – By Gwinyai – The Cobbles

It’s often thought GoLang or NodeJS applies to a project depending on technical merits of the project. Our decision was different. (more…)

Node.js Graceful Shutdown

How we fixed an issue we had with our zero-downtime code deployment at Dashlane... (more…)

Get HTTPs web server started in under 5 minutes with Node.js

If you search for the word ‘HTTPS’ on medium (yes, this platform!), you will be blown away by the response. Articles here range from The list goes on. Let me remind you, this is just Medium, a simple…

Red – A Minimal Node.js and Mongo Boilerplate with OAuth Authentication

Red - A Light Weight Node.js Framework with OAuth. Contribute to i-break-codes/red development by creating an account on GitHub. (more…)

Node.js – v13.9.0

Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine. (more…)

Latest News

Python behind the scenes #10: how Python dictionaries work

Tic-tac-toe without any JavaScript

Julia Python Interface