GitHub Identifies Multiple Security Vulnerabilities in Node.js Packages

  Cybersecurity researchers at GitHub have uncovered arbitrary code execution vulnerabilities in the open-source Node.js packages, “tar” and “@npmcli/arborist,”.  The tar package has accounted for 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. The vulnerabilities in Node.js packages impact both Windows and Unix-based users, and if left unpatched, […]

Continue Reading