“security” Archive

177. Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects · Apr 15, 2024 · open-source
178. Wednesday, April 10, 2024 Security Releases · Apr 10, 2024 · release-notes, nodejs
179. The V8 Sandbox · Apr 4, 2024 · v8
180. Wednesday, April 3, 2024 Security Releases · Apr 3, 2024 · release-notes, nodejs
181. Using JSON Web Tokens With Node.js · Apr 3, 2024 · json-web-tokens, nodejs, authentication
182. Building a Digital Fortress: How to Strengthen DNS Against DDoS Attacks? · Apr 3, 2024 · dns
183. In-App Browsers Are Still a Privacy, Security, and Choice Problem · Mar 27, 2024 · user-agents, mobile, privacy
184. How npm Install Scripts Can Be Weaponized: A Real-World Example of a Harmful npm Package · Mar 3, 2024 · npm, dependencies, examples
185. Preventing SQL Injection Attacks in Node.js · Feb 20, 2024 · nodejs, databases, sql
186. Wednesday, February 14, 2024 Security Releases · Feb 14, 2024 · release-notes, nodejs
187. How to Boost WordPress Security and Protect Your SEO Ranking · Feb 12, 2024 · how-tos, wordpress, seo
188. Malicious npm Package Masquerades as Noblox.js, Targeting Roblox Users for Data Theft · Feb 6, 2024 · npm, dependencies
189. Practice Safe DSD With “setHTMLUnsafe” (It’s Complicated) · Jan 31, 2024 · html, dom, shadow-dom, apis
190. Tuesday, February 6, 2024 Security Releases · Jan 30, 2024 · release-notes, nodejs
191. JWT vs. Session Authentication · Jan 25, 2024 · authentication, json-web-tokens, comparisons
192. GitHub, npm Registry Abused to Host SSH Key-Stealing Malware · Jan 24, 2024 · github, npm, open-source
193. Deceptive Deprecation: The Truth About npm Deprecated Packages · Jan 18, 2024 · npm, dependencies, research
194. Safely Accessing the DOM With Angular SSR · Jan 17, 2024 · dom, javascript, angular, server-side-rendering
195. Node.js Security Progress Report—Progress on Permission Model, Fuzzer, and Connections With Community · Jan 16, 2024 · nodejs
196. I Hate CORS · Jan 14, 2024 · videos, cors
197. Building Multiple Progressive Web Apps on the Same Domain · Jan 4, 2024 · videos, web-apps, architecture
198. Session-Based vs. Token-Based Authentication: Which Is Better? · Dec 23, 2023 · authentication, json-web-tokens, comparisons
199. 10 Best Practices for Secure Code Review of Node.js Code · Dec 20, 2023 · best-practices, code-reviews, nodejs
200. Security Headers Using “<meta>” · Dec 7, 2023 · csp, html
201. Blind CSS Exfiltration: Exfiltrate Unknown Web Pages · Dec 5, 2023 · css
202. Mastering Cryptography Fundamentals With Node’s “crypto” Module · Nov 11, 2023 · cryptography, nodejs
203. Secure Code Review Tips to Defend Against Vulnerable Node.js Code · Nov 8, 2023 · nodejs, code-reviews
204. Understanding CORS · Nov 4, 2023 · cors
205. Secret Scanning Scans Public npm Packages · Oct 26, 2023 · github, npm, dependencies
206. What the !#@% Is a Passkey? · Oct 26, 2023 · passwords
207. Local HTTPS for Next.js 13.5 · Oct 10, 2023 · testing, http, nextjs
208. A Comprehensive Guide to the Dangers of Regular Expressions in JavaScript · Sep 28, 2023 · guides, javascript, regex
209. SSH Keys Stolen by Stream of Malicious PyPI and npm Packages · Sep 27, 2023 · ssh, dependencies, npm
210. Best Practices for Securing Node.js Applications in Production · Sep 27, 2023 · best-practices, nodejs
211. npm Provenance General Availability · Sep 26, 2023 · github, npm, provenance
212. The WebP 0-Day · Sep 21, 2023 · webp, google, apple
213. Open Source Trends to Look for in 2024 · Sep 21, 2023 · open-source, trends, visions, ai
214. Securing Your Node.js Apps by Analyzing Real-World Command Injection Examples · Sep 15, 2023 · nodejs, history, examples
215. How to Implement SSL/TLS Pinning in Node.js · Aug 29, 2023 · how-tos, ssl, tls, nodejs
216. A More Intelligent and Secure Web · Aug 24, 2023 · videos, w3c, standards, web, web-platform
217. Demystifying CORS: Understanding How Cross-Origin Resource Sharing Works · Aug 18, 2023 · cors, javascript
218. Towards HTTPS by Default · Aug 16, 2023 · user-agents, google, chrome, http, tls
219. Sophisticated, Highly-Targeted Attacks Continue to Plague npm · Aug 12, 2023 · npm
220. An Update on Chrome Security Updates—Shipping Security Fixes to You Faster · Aug 8, 2023 · user-agents, google, chrome
221. Tuesday, August 8, 2023 Security Releases · Jul 31, 2023 · release-notes, nodejs
222. Publishing With npm Provenance from Private Source Repositories Is No Longer Supported · Jul 26, 2023 · github, npm, provenance, open-source
223. Social Engineering Campaign Targeting Tech Employees Spreading Through npm Malware · Jul 25, 2023 · npm
224. Securing the Web Forward: Addressing Developer Concerns in Web Security · Jul 24, 2023 · web, surveys
225. Encoding: A Brief History and Its Role in Cybersecurity · Jul 19, 2023 · encoding, unicode, history
226. Node.js Security Progress Report—17 Reports Closed · Jul 17, 2023 · nodejs
227. The Importance of Verifying Webhook Signatures · Jun 29, 2023 · webhooks
228. The Massive Bug at the Heart of the npm Ecosystem · Jun 27, 2023 · npm, dependencies
229. All You Need to Know About CORS and CORS Errors · Jun 23, 2023 · cors, errors
230. Understanding Authorization Before Authentication: Enhancing Web API Security · Jun 23, 2023 · authorization, authentication, apis, comparisons
231. An Introduction to Command Injection Vulnerabilities in Node.js and JavaScript · Jun 23, 2023 · introductions, nodejs, javascript
232. Tuesday, June 20, 2023 Security Releases · Jun 13, 2023 · release-notes, nodejs
233. security.txt Now Mandatory for Dutch Government Websites · May 31, 2023 · legal
234. File Upload Security and Malware Protection · May 23, 2023 · file-handling, edge-computing
235. Security Implications of HTTP Response Headers · May 3, 2023 · http
236. Introducing npm Package Provenance · Apr 19, 2023 · github, npm, provenance, open-source
237. Generating Provenance Statements · Apr 19, 2023 · npm, provenance
238. 8 Best Tools for Cryptography and Encryption · Apr 18, 2023 · link-lists, tooling, comparisons, cryptography, privacy
239. Dissecting npm Malware: Five Packages and Their Evil Install Scripts · Apr 15, 2023 · npm
240. Passkeys: What the Heck and Why? · Apr 12, 2023 · passwords
241. Cryptographically Protecting Your SPA · Mar 17, 2023 · spas, cryptography
242. Without Accessibility, There Is No Privacy or Security · Feb 28, 2023 · accessibility, privacy
243. How to Password-Protect a Static HTML Page With No JS · Feb 20, 2023 · how-tos, css, fonts
244. Quick Tip: How to Hash a Password in PHP · Feb 14, 2023 · how-tos, php, passwords, tips-and-tricks
245. Sandboxing JavaScript Code · Feb 12, 2023 · javascript
246. Unlocking Security Updates for Transitive Dependencies With npm · Jan 19, 2023 · npm, dependencies, maintenance
247. Conditional API Responses for JavaScript vs. HTML Forms · Jan 3, 2023 · javascript, html, forms, comparisons
248. Why Do We Need Authorization and Authentication? · Dec 30, 2022 · authorization, authentication
249. The Top 10 Security Vulnerabilities for Web Applications · Dec 20, 2022 · web-apps
250. Leaked a Secret? Check Your GitHub Alerts… for Free · Dec 15, 2022 · github
251. DOM Clobbering · Dec 12, 2022 · dom
252. New npm Features for Secure Publishing and Safe Consumption · Dec 6, 2022 · npm, dependencies
253. Using SRI to Protect from Malicious JavaScript · Dec 3, 2022 · javascript
254. WordPress Versions 3.7–4.0 No Longer Get Security Updates · Nov 30, 2022 · wordpress
255. “Not Secure” Warning for IE Mode · Nov 16, 2022 · user-agents, microsoft, edge, internet-explorer
256. Node.js Security Best Practices · Nov 10, 2022 · nodejs, best-practices
257. npm Security: Preventing Supply Chain Attacks · Nov 7, 2022 · npm, dependencies
258. Secure JavaScript URL Validation · Oct 17, 2022 · javascript, validation, urls
259. Create a Passkey for Passwordless Logins · Oct 12, 2022 · authentication, passwords
260. Designing a Secure API · Oct 4, 2022 · software-design, apis
261. Phylum Detects Active Typosquatting Campaign Targeting npm Developers · Oct 2, 2022 · npm, dependencies
262. Security · Sep 26, 2022 · studies, research
263. Continue Using .env Files as Usual · Sep 24, 2022 · environments
264. Quick Reminder: HTML5 “required” and “pattern” Are Not a Security Feature · Sep 22, 2022 · html, forms
265. Stop Using .env Files Now · Sep 19, 2022 · environments
266. Debunking Myths About HTTPS · Sep 18, 2022 · http
267. Secure Your Node.js App With JSON Web Tokens · Sep 14, 2022 · nodejs, json-web-tokens
268. Dependabot Unlocks Transitive Dependencies for npm Projects · Sep 7, 2022 · dependencies, npm
269. JavaScript Bugs Aplenty in Node.js Ecosystem—Found Automatically · Aug 30, 2022 · studies, research, nodejs, javascript, dependencies, quality
270. Introducing Even More Security Enhancements to npm · Jul 26, 2022 · npm
271. What Is Passwordless Authentication and How to Implement It · Jul 18, 2022 · authentication, passwords
272. GA4 Is Being Blocked by Content Security Policy · Jun 25, 2022 · csp, metrics, google
273. Please Remove That .git Folder · Jun 22, 2022 · git
274. Should I Have Separate GitHub Accounts for Personal and Professional Projects? · Jun 14, 2022 · discussions, github, career
275. Understanding CSRF Attacks · May 29, 2022
276. npm Security Update: Attack Campaign Using Stolen OAuth Tokens · May 26, 2022 · version-control, npm, github
277. Snyk Finds 200+ Malicious npm Packages, Including Cobalt Strike Dependency Confusion Attacks · May 24, 2022 · javascript, npm, dependencies
278. Unexpectedly HTTPS? · May 16, 2022 · http
279. How to Respond to Growing Supply Chain Security Risks? · Apr 3, 2022 · how-tos, dependencies, nodejs, npm
280. The Web Is for Everyone: Our Vision for the Evolution of the Web · Mar 23, 2022 · web, visions, privacy, accessibility, performance, user-experience
281. Using HTTPS in Your Development Environment · Mar 7, 2022 · http, environments
282. How to Prevent SQL Injection Attacks in Node.js · Mar 3, 2022 · how-tos, nodejs, databases, sql
283. How to Fix Your Security Vulnerabilities With npm Override · Feb 23, 2022 · how-tos, npm, dependencies
284. Can You Get Pwned With CSS? · Feb 23, 2022 · css
285. Accessibly Insecure · Jan 31, 2022 · accessibility
286. Lessons Learned from Publishing a Content Security Policy · Dec 14, 2021 · lessons, csp
287. CSS Fingerprinting · Dec 5, 2021 · websites, css, privacy
288. Ain’t No Party Like a Third Party · Dec 3, 2021 · dependencies, embed-code
289. Security · Dec 1, 2021 · studies, research
290. GitHub’s Commitment to npm Ecosystem Security · Nov 15, 2021 · github, npm
291. Understanding and Implementing OAuth2 in Node.js · Oct 18, 2021 · nodejs
292. How to Win at CORS · Oct 12, 2021 · how-tos, cors, html, http
293. The Options for Password-Revealing Inputs · Oct 6, 2021 · html, css, passwords, usability
294. npm Security Best Practices · Aug 3, 2021 · npm, best-practices
295. Encoding Data for POST Requests · Jun 30, 2021 · javascript, encoding
296. NPM Global Audit · Jun 16, 2021 · packages, npm, quality, auditing
297. Understanding and Preventing Common Security Vulnerabilities · Jun 15, 2021
298. Open Source Insights · Jun 3, 2021 · websites, open-source, dependencies, licensing
299. Is Edge Computing Secure? Here Are 4 Security Risks to Be Aware Of · Dec 9, 2020 · edge-computing
300. TLS and mTLS Demystified · Dec 9, 2020 · tls, protocols
301. Best Practices for Inclusive Textual Websites · Nov 23, 2020 · performance, accessibility, best-practices
302. What Is mTLS and How Does It Work? · Apr 30, 2020
303. Mutual TLS: Stuff You Should Know · Mar 19, 2020 · tls, protocols
304. ASCII to Unicode Encoder and Decoder · tools, exploration, conversion, unicode, encoding
305. DNSSEC Checker · tools, analysis, dns
306. Website Experience Analyzer · tools, analysis, performance, user-experience
307. security.txt Generator · tools, exploration, content
308. WebRTC and IP Address Leak Checker · tools, exploration, network, ip, protocols
309. User Identity Generator · tools, exploration, placeholders, randomness
310. Cross-Site WebSocket Hijacking Tester · tools, analysis
311. Content Security Policy Validator (Google) · tools, analysis, csp, conformance
312. Content Security Policy Validator (CSP Validator) · tools, analysis, csp, conformance
313. Subresource Integrity Hash Generator · tools, exploration
314. Website Headers Analyzer (Mozilla) · tools, analysis, http
315. MD5 Hash Generator · tools, exploration
316. Email Blacklist Checker · tools, analysis, email
317. Website Headers Analyzer (Dries Buytaert) · tools, analysis, http
318. SSL Checker (SSL Shopper) · tools, analysis, ssl
319. SSL Checker (Qualys) · tools, analysis, ssl
320. Website Headers Analyzer (Security Headers) · tools, analysis, http
321. Password Security Checker · tools, exploration, passwords
322. “chmod” Calculator · tools, exploration, permissions
323. Website Security Checker (Google) · tools, analysis
324. SPF Record Checker · tools, analysis
325. Cookie Use Checker · tools, analysis, cookies
326. Password Generator (Frontend Dogma) · tools, exploration, passwords
327. SSL Client Checker · tools, exploration, ssl
328. Password Security Checker and Generator · tools, exploration, passwords
329. Password Generator (Gibson Research Corporation) · tools, exploration, passwords
330. Password Generator (Arantius.com) · tools, exploration, passwords
331. SPF Record Generator · tools, exploration, dns
332. SHA-512 Hash Generator · tools, exploration
333. Security Leak Victim Checker (Have I Been Pwned) · tools, exploration
334. Security Leak Victim Checker (Hasso Plattner Institute) · tools, exploration
335. HMAC Checker · tools, exploration
336. Hash Generator · tools, exploration
337. Executable File Analyzer · tools, exploration
338. Device Vulnerability Checker · tools, exploration
339. CSR Decoder · tools, exploration
340. Browser Fingerprint Checker · tools, exploration, user-agents
341. Blowfish Hash Generator · tools, exploration
342. AES Encrypter and Decrypter · tools, exploration
343. Domain or IP Spam Checker · tools, analysis, domains
344. Server Port Scanner · tools, analysis, network, servers
345. Abuse Contact Lookup · tools, analysis, policies
346. Website Security Checker (Norton) · tools, analysis
347. Website Scam Checker · tools, analysis
348. Website Privacy Checker · tools, analysis, privacy
349. Website Certificate Fingerprint Checker · tools, analysis
350. Virus Scanner · tools, analysis
351. Site and Origin Comparer · tools, analysis, comparisons
352. Malware and Security Scanner · tools, analysis
353. P3P Validator · tools, analysis, conformance

• All topics
• All entries