Hardening Node.js Apps in Production: 8 Layers of Practical Security Jul 29, 2025 401 nodejs, best-practices
eslint-config-prettier Compromised: How npm Package With 30 Million Downloads Spread Malware Jul 21, 2025 400 prettier, eslint, npm, malware
npm Phishing Email Targets Developers With Typosquatted Domain (sar/soc) Jul 18, 2025 399 npm
AI Agents Are Creating a New Security Nightmare for Enterprises and Startups (the) Jul 18, 2025 398 ai, apis
Tuesday, July 15, 2025 Security Releases (nod) Jul 15, 2025 397 release-notes, nodejs
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader (soc) Jul 14, 2025 396 npm, dependencies
MCP Security Vulnerabilities and Attack Vectors Jun 27, 2025 395 mcp, ai
A New Era of Code Quality Jun 24, 2025 394 quality
JWTs Are Not Session Tokens, Stop Using Them Like One Jun 21, 2025 393 json-web-tokens, authentication
The Growing Risk of Malicious Browser Extensions (soc) Jun 13, 2025 392 browser-extensions
Design Patterns for Securing LLM Agents Against Prompt Injections (sim) Jun 13, 2025 391 studies, research, ai, prompting, software-design-patterns
HTML Spec Change: Escaping “<” and “>” in Attributes (sec/dev) Jun 12, 2025 390 html, attributes, escaping, xss
Escaping “<” and “>” in Attributes—How It Helps Protect Against Mutation XSS (sec) Jun 12, 2025 389 html, attributes, xss, escaping, chrome, google, browsers
Beware of End-of-Life Node.js Versions—Upgrade or Seek Post-EOL Support (mco/nod) Jun 6, 2025 388 nodejs, maintenance
How to Access Local MCP Servers Through a Secure Tunnel (the) Jun 5, 2025 387 how-tos, mcp, ai, servers, network
Docker Launches Hardened Images, Intensifying Secure Container Market (the) May 19, 2025 386 docker
Modernizing Security May 17, 2025 385 modernization, processes
Securing Your Node.js App From Command Injection May 14, 2025 384 nodejs
Passkeys for Normal People (tro) May 5, 2025 383 authentication, passkeys, examples, concepts
npm Targeted by Malware Campaign Mimicking Familiar Library Names (soc) May 2, 2025 382 npm, malware, dependencies, link-lists
Threat Actors Misuse Node.js to Deliver Malware and Other Malicious Payloads (mic) Apr 15, 2025 381 nodejs, malware
Principles for Coding Securely With LLMs Apr 15, 2025 380 ai, principles
TLS Certificate Lifetimes Will Officially Reduce to 47 Days Apr 14, 2025 379 tls, certificates
LLMs Can’t Stop Making Up Software Dependencies and Sabotaging Everything (tho/the) Apr 12, 2025 378 ai, dependencies
Secure a Vue App With OpenID Connect and the BFF Pattern (due) Apr 9, 2025 377 vuejs, authentication, backend-for-frontend
Teaching Code in the AI Era: Why Fundamentals Still Matter (ali) Apr 4, 2025 376 training, ai, programming, vibe-coding, scalability, performance, quality, testing, documentation
Stop Using Jenkins in 2025 (oso) Apr 1, 2025 375 jenkins, github-actions, ci-cd
Node.js Test CI Security Incident (nod) Mar 31, 2025 374 nodejs, retrospectives
Website Hijack Campaign Now Impacting 150,000 Sites (gad) Mar 27, 2025 373
Malware Found on npm Infecting Local Package With Reverse Shell (rev) Mar 26, 2025 372 npm, dependencies
Five Things Vibe Coders Should Know (From a Software Engineer) (uxd) Mar 20, 2025 371 vibe-coding, sanitization
GitHub Suffers a Cascading Supply Chain Attack Compromising CI/CD Secrets (inf) Mar 19, 2025 370 github, ci-cd
How to Prevent WordPress SQL Injection Attacks (sma) Mar 13, 2025 369 how-tos, wordpress, sql, databases
Lazarus Strikes npm Again With New Wave of Malicious Packages (soc) Mar 10, 2025 368 npm, dependencies
What Is the OWASP Top 10 and How Can Your Team Benchmark Security? (jet) Mar 7, 2025 367 owasp, vulnerabilities, qodana, jetbrains
Updates on CVE for End-of-Life Versions (raf/nod) Mar 7, 2025 366 nodejs
How to Protect Your Web Applications From XSS (tor/w3c) Mar 6, 2025 365 how-tos, web-apps, xss
Secure UX: Building Cybersecurity and Privacy Into the UX Lifecycle (uxm) Mar 3, 2025 364 user-experience, processes
The Fallacy of Balance: Challenging the Notion of Security and Accessibility as Opposing Objectives (deq) Feb 26, 2025 363 videos, accessibility
It Is No Longer Safe to Move Our Governments and Societies to U.S. Clouds (ber) Feb 23, 2025 362 cloud-computing, privacy, legal
How OWASP Helps You Secure Your Full-Stack Web Applications (eri/sma) Feb 18, 2025 361 owasp, monitoring, authentication, vulnerabilities, configuration, csrf, cryptography, authorization
10 Common Web Development Mistakes to Avoid Right Now Feb 17, 2025 360 mistakes, mobile, performance, accessibility, seo, navigation, analytics, testing
Tightening Every Bolt (bag) Feb 8, 2025 359 videos, processes, code-reviews, testing
On Generative AI Security (sch) Feb 5, 2025 358 ai, lessons, microsoft
Understanding CORS Errors in Signed Exchanges (paw) Jan 31, 2025 357 cors, errors, signed-exchanges
Keep Your Node.js Apps Secure With “npx is-my-node-vulnerable” (tre) Jan 29, 2025 356 packages, npm, nodejs
How I Open-Sourced My Secret Access Tokens From GitHub, Slack, and npm—and Who Actually Cares Jan 24, 2025 355 github, slack, npm
Node.js EOL Versions CVE Dubbed the “Worst CVE of the Year” by Security Experts (sar/soc) Jan 24, 2025 354 nodejs, documentation
Tuesday, January 21, 2025 Security Releases (raf/nod) Jan 21, 2025 353 release-notes, nodejs
APIs Are Quickly Becoming the Latest Security Battleground (and Nightmare) (the) Jan 14, 2025 352 apis
CDN-First Is No Longer a Performance Feature (osv) Jan 12, 2025 351 content-delivery, performance, caching, embed-code, privacy
The Cyber-Cleanse: Take Back Your Digital Footprint (cyb) Jan 1, 2025 350 privacy
15 Principles for Secure Programming (rak) Dec 23, 2024 349 principles, validation, testing
Important Topics for Frontend Developers to Master in 2025 Dec 21, 2024 348 learning, javascript, typescript, css, frameworks, git, apis, testing, performance, ci-cd, websockets
How to Automate OWASP Security Reviews in Your Pull Requests? (cod) Dec 16, 2024 347 how-tos, owasp, automation, code-reviews, coderabbit
Developer Guide: How to Implement Passkeys Dec 16, 2024 346 guides, how-tos, authentication, passkeys
5 Technical Trends to Help Web Developers Stand Out in 2025 (the) Dec 10, 2024 345 trends, career, javascript, ai, low-and-no-code
Avoid Hotlinking Images With “Cross-Origin-Resource-Policy” Nov 27, 2024 344 images
Content Security Policy Level 3 (mik/w3c) Nov 22, 2024 343 standards, csp
Security (htt) Nov 11, 2024 342 web-almanac, studies, research, metrics
JavaScript Import Attributes (ES2025) (tre) Nov 10, 2024 341 javascript
Exploring Internet Traffic Shifts and Cyber Attacks During the 2024 U.S. Election (clo) Nov 6, 2024 340 traffic
Securing Your Express REST API With Passport.js Nov 3, 2024 339 nodejs, express, json-web-tokens, apis, rest, tooling
SecretLint—a Linter for Preventing Committing Credentials (tre) Oct 22, 2024 338 tooling, linting
Top 4 Web Vulnerabilities With Example and Mitigation Oct 21, 2024 337 vulnerabilities, sql, databases, xss, csrf
The Importance of UX in Cybersecurity (uxm) Oct 21, 2024 336 user-experience, usability
Understanding “npm audit” and Fixing Vulnerabilities Oct 21, 2024 335 npm, vulnerabilities, nodejs
How to Implement Content Security Policy (CSP) Headers for Astro (tre) Oct 16, 2024 334 how-tos, http, http-headers, csp, astro, vercel, cloudflare
Why Code Security Matters—Even in Hardened Environments Oct 8, 2024 333 vulnerabilities, file-handling, nodejs
Database 101: SSL/TLS for Beginners Oct 4, 2024 332 introductions, databases, ssl, tls, authentication
Cloudflare Study: 39% of Companies Losing Control of Their IT and Security Environment (tre) Oct 3, 2024 331 studies, research, engineering-management
NIST Recommends Some Common-Sense Password Rules (sch) Sep 27, 2024 330 passwords, guidelines
I Finally Understand OAuth Sep 24, 2024 329 authorization, oauth, processes
Fake GitHub Site Targeting Developers (jul/san) Sep 19, 2024 328 github
Hacking Cars in JavaScript (Running Replay Attacks in the Browser With the HackRF) (dev) Sep 16, 2024 327 javascript
Gaining Access to Anyone’s Browser Without Them Even Visiting a Website Sep 7, 2024 326 arc, the-browser-company, browsers, vulnerabilities
5 Wasm Use Cases for Frontend Development (des) Aug 21, 2024 325 guest-posts, webassembly, performance
Web Security: Shaping the Secure Web (set/w3c) Aug 21, 2024 324 web, w3c
What Is Incident Response? Aug 20, 2024 323 incident-response, overviews
Migrating From Netlify to Cloudflare for AI Bot Protection (sia) Aug 6, 2024 322 migrating, netlify, cloudflare, ai
The Great npm Garbage Patch Aug 6, 2024 321 dependencies, npm, spam
Frontend Security Checklist (tre) Jul 30, 2024 320 checklists, react
Automated Ways to Security Audit Your Website Jul 28, 2024 319 auditing, automation, tooling
Secure Node.js Applications From Supply Chain Attacks Jul 25, 2024 318 nodejs, best-practices, dependencies
The Cloud Run Security Gap You Didn’t Know You Had (and How to Fix It) Jul 18, 2024 317 google, gcp
The Pitfalls of In-App Browsers (fro) Jul 18, 2024 316 browsers, mobile, privacy, user-experience
Supply Chain Security in npm—We Can Be Optimistic About the Future Jul 9, 2024 315 npm, dependencies, provenance
Script Integrity (chr/fro) Jul 5, 2024 314 embed-code, javascript
WebAuthn: Enhancing Security With Minimal Effort (tbe) Jul 2, 2024 313 authentication, webauthn
Introducing the MDN HTTP Observatory (mdn) Jul 2, 2024 312 introductions, mdn, mozilla, http
Tuesday, July 2, 2024 Security Releases (nod) Jul 2, 2024 311 release-notes, nodejs
RegreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server Jul 1, 2024 310 ssh, vulnerabilities
Polyfill Supply Chain Attack Embeds Malware in JavaScript CDN Assets (sny) Jun 26, 2024 309 malware, vulnerabilities
Catching Compromised Cookies Jun 25, 2024 308 cookies, testing
Backdoor Slipped Into Multiple WordPress Plugins in Ongoing Supply-Chain Attack (dan/ars) Jun 24, 2024 307 wordpress, plugins
The Hacking of Culture and the Creation of Socio-Technical Debt (sch) Jun 19, 2024 306 culture
OAuth Authentication (rya) Jun 15, 2024 305 authentication, authorization, oauth
What Is Mixed Content? (fre) Jun 15, 2024 304 http
Researchers Uncover npm Registry Vulnerability to Cache Poisoning and DoS Attacks (sar/soc) Jun 15, 2024 303 npm, dependencies, vulnerabilities, caching
The Ultimate Guide to Iframes (log) Jun 6, 2024 302 guides, iframes, html, javascript
How a Single Vulnerability Can Bring Down the JavaScript Ecosystem Jun 3, 2024 301 javascript, npm, dependencies, caching, vulnerabilities
JavaScript Security: Simple Practices to Secure Your Frontend May 15, 2024 300 javascript, dependencies, csp
Manifesto for a Humane Web (mic) May 10, 2024 299 websites, manifestos, web, principles, accessibility, dei, sustainability, user-experience
Securing Client-Side JavaScript (ada) May 5, 2024 298 javascript, graceful-degradation
Poor Express Authentication Patterns in Node.js and How to Avoid Them May 3, 2024 297 express, nodejs, authentication
Passkeys: A Shattered Dream (fir) Apr 26, 2024 296 authentication, passkeys
Using Legitimate GitHub URLs for Malware (sch) Apr 22, 2024 295 malware, github
When Security and Accessibility Clash: Why Are Banking Applications So Inaccessible? (nic) Apr 17, 2024 294 accessibility
Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects (ope) Apr 15, 2024 293 foss
Wednesday, April 10, 2024 Security Releases (raf/nod) Apr 10, 2024 292 release-notes, nodejs
Node.js Secure Coding: Mitigate and Weaponize Code Injection Vulnerabilities Apr 8, 2024 291 books, nodejs, vulnerabilities
The Free Software Commons (jen) Apr 5, 2024 290 foss, community
The V8 Sandbox Apr 4, 2024 289 v8
Building a Digital Fortress: How to Strengthen DNS Against DDoS Attacks? Apr 3, 2024 288 dns
Using JSON Web Tokens With Node.js Apr 3, 2024 287 json-web-tokens, nodejs, authentication
Wednesday, April 3, 2024 Security Releases (nod) Apr 3, 2024 286 release-notes, nodejs
In-App Browsers Are Still a Privacy, Security, and Choice Problem (tho/the) Mar 27, 2024 285 browsers, mobile, privacy
CORS Finally Explained—Simply Mar 24, 2024 284 csrf, cors, concepts
How Does Single Sign-On (SSO) Work? (mil) Mar 24, 2024 283 authentication
How npm Install Scripts Can Be Weaponized: A Real-World Example of a Harmful npm Package (eth) Mar 3, 2024 282 npm, dependencies, examples
Preventing SQL Injection Attacks in Node.js (sny) Feb 20, 2024 281 nodejs, databases, sql
Frontend Application Security: Tips and Tricks Feb 16, 2024 280 web-apps, xss, csrf, authentication, dependencies, csp, validation, tips-and-tricks
Wednesday, February 14, 2024 Security Releases (raf+/nod) Feb 14, 2024 279 release-notes, nodejs
How to Boost WordPress Security and Protect Your SEO Ranking Feb 12, 2024 278 how-tos, wordpress, seo
Malicious npm Package Masquerades as Noblox.js, Targeting Roblox Users for Data Theft (sar/soc) Feb 6, 2024 277 npm, dependencies
Practice Safe DSD With “setHTMLUnsafe” (It’s Complicated) (jar/van) Jan 31, 2024 276 html, dom, shadow-dom, apis
Tuesday, February 6, 2024 Security Releases (raf/nod) Jan 30, 2024 275 release-notes, nodejs
JWT vs. Session Authentication Jan 25, 2024 274 authentication, json-web-tokens, comparisons
GitHub, npm Registry Abused to Host SSH Key-Stealing Malware Jan 24, 2024 273 github, npm, malware, foss
Deceptive Deprecation: The Truth About npm Deprecated Packages Jan 18, 2024 272 npm, dependencies, research
Safely Accessing the DOM With Angular SSR (dev) Jan 17, 2024 271 dom, javascript, angular, server-side-rendering
Node.js Security Progress Report—Progress on Permission Model, Fuzzer, and Connections With Community (ope) Jan 16, 2024 270 nodejs
I Hate CORS Jan 14, 2024 269 videos, cors
Building Multiple Progressive Web Apps on the Same Domain (dev) Jan 4, 2024 268 videos, web-apps, progressive-web-apps, architecture
Session-Based vs. Token-Based Authentication: Which Is Better? Dec 23, 2023 267 authentication, json-web-tokens, comparisons
10 Best Practices for Secure Code Review of Node.js Code Dec 20, 2023 266 best-practices, code-reviews, nodejs
Security Headers Using “<meta>” (sap/mat) Dec 7, 2023 265 csp, html
Blind CSS Exfiltration: Exfiltrate Unknown Web Pages Dec 5, 2023 264 css
Mastering Cryptography Fundamentals With Node’s “crypto” Module Nov 11, 2023 263 cryptography, nodejs
Secure Code Review Tips to Defend Against Vulnerable Node.js Code Nov 8, 2023 262 nodejs, code-reviews
Understanding CORS Nov 4, 2023 261 cors
What the !#@% Is a Passkey? (eff) Oct 26, 2023 260 passkeys
Secret Scanning Scans Public npm Packages (git) Oct 26, 2023 259 github, npm, dependencies
Local HTTPS for Next.js 13.5 (ami) Oct 10, 2023 258 testing, http, nextjs
Understanding XSS Attacks (ver) Oct 5, 2023 257 xss
A Comprehensive Guide to the Dangers of Regular Expressions in JavaScript (phi) Sep 28, 2023 256 guides, javascript, regex
SSH Keys Stolen by Stream of Malicious PyPI and npm Packages (ble) Sep 27, 2023 255 ssh, dependencies, npm
Best Practices for Securing Node.js Applications in Production Sep 27, 2023 254 best-practices, nodejs
npm Provenance General Availability (git) Sep 26, 2023 253 github, npm, provenance
Open Source Trends to Look for in 2024 Sep 21, 2023 252 foss, trends, outlooks, ai
The WebP 0-Day Sep 21, 2023 251 webp, google, apple
Securing Your Node.js Apps by Analyzing Real-World Command Injection Examples Sep 15, 2023 250 nodejs, history, examples
How to Implement SSL/TLS Pinning in Node.js (sny) Aug 29, 2023 249 how-tos, ssl, tls, nodejs
A More Intelligent and Secure Web (ple/w3c) Aug 24, 2023 248 videos, w3c, standards, web, web-platform
Demystifying CORS: Understanding How Cross-Origin Resource Sharing Works Aug 18, 2023 247 cors, javascript
Towards HTTPS by Default (jde/dev) Aug 16, 2023 246 browsers, google, chrome, http, tls
Sophisticated, Highly-Targeted Attacks Continue to Plague npm Aug 12, 2023 245 npm
An Update on Chrome Security Updates—Shipping Security Fixes to You Faster Aug 8, 2023 244 browsers, google, chrome
Tuesday, August 8, 2023 Security Releases (raf/nod) Jul 31, 2023 243 release-notes, nodejs
Publishing With npm Provenance From Private Source Repositories Is No Longer Supported (git) Jul 26, 2023 242 github, npm, provenance, foss
Social Engineering Campaign Targeting Tech Employees Spreading Through npm Malware (soc) Jul 25, 2023 241 malware, npm
Securing the Web Forward: Addressing Developer Concerns in Web Security (tor/w3c) Jul 24, 2023 240 web, surveys
Encoding: A Brief History and Its Role in Cybersecurity Jul 19, 2023 239 encoding, unicode, history
User Input Sanitization and Validation: Securing Your App Jul 19, 2023 238 sanitization, validation, conformance
Node.js Security Progress Report—17 Reports Closed (ope) Jul 17, 2023 237 nodejs
The Importance of Verifying Webhook Signatures (sny) Jun 29, 2023 236 webhooks
The Massive Bug at the Heart of the npm Ecosystem Jun 27, 2023 235 npm, dependencies
An Introduction to Command Injection Vulnerabilities in Node.js and JavaScript Jun 23, 2023 234 introductions, vulnerabilities, nodejs, javascript
Understanding Authorization Before Authentication: Enhancing Web API Security Jun 23, 2023 233 authorization, authentication, apis, comparisons
All You Need to Know About CORS and CORS Errors Jun 23, 2023 232 cors, errors
Django: A Security Improvement Coming to “format_html()” (ada) Jun 15, 2023 231 django, html
Tuesday, June 20, 2023 Security Releases (raf/nod) Jun 13, 2023 230 release-notes, nodejs
security.txt Now Mandatory for Dutch Government Websites May 31, 2023 229 legal
File Upload Security and Malware Protection (aus) May 23, 2023 228 malware, file-handling, edge-computing
Security Implications of HTTP Response Headers (sny) May 3, 2023 227 http, http-headers
Generating Provenance Statements Apr 19, 2023 226 npm, provenance
Introducing npm Package Provenance (git) Apr 19, 2023 225 introductions, github, npm, provenance, foss
8 Best Tools for Cryptography and Encryption (sta) Apr 18, 2023 224 link-lists, tooling, comparisons, cryptography, encryption, privacy
Dissecting npm Malware: Five Packages and Their Evil Install Scripts Apr 15, 2023 223 npm, malware
Passkeys: What the Heck and Why? (css) Apr 12, 2023 222 passkeys
Senior Engineering Strategies for Advanced React and TypeScript (tec) Mar 25, 2023 221 strategies, react, typescript, architecture, testing, performance, accessibility, maintenance
Cryptographically Protecting Your SPA Mar 17, 2023 220 single-page-apps, cryptography
Without Accessibility, There Is No Privacy or Security Feb 28, 2023 219 accessibility, privacy
SSL Certificates Explained Feb 20, 2023 218 videos, certificates, ssl, protocols
How to Password-Protect a Static HTML Page With No JS (ede) Feb 20, 2023 217 how-tos, css, fonts
Quick Tip: How to Hash a Password in PHP Feb 14, 2023 216 how-tos, php, passwords, tips-and-tricks
Sandboxing JavaScript Code Feb 12, 2023 215 javascript
Unlocking Security Updates for Transitive Dependencies With npm (git) Jan 19, 2023 214 npm, dependencies, maintenance
7 Required Steps to Secure Your Iframes Security Jan 4, 2023 213 iframes, xss, html, http-headers, csp
Conditional API Responses for JavaScript vs. HTML Forms (aus) Jan 3, 2023 212 javascript, html, forms, comparisons
Why Do We Need Authorization and Authentication? Dec 30, 2022 211 authorization, authentication
The Top 10 Security Vulnerabilities for Web Applications Dec 20, 2022 210 vulnerabilities, web-apps
Leaked a Secret? Check Your GitHub Alerts… for Free (git) Dec 15, 2022 209 github
DOM Clobbering (fre/mat) Dec 12, 2022 208 dom
New npm Features for Secure Publishing and Safe Consumption (git) Dec 6, 2022 207 npm, dependencies
Using SRI to Protect From Malicious JavaScript (mat) Dec 3, 2022 206 javascript
WordPress Versions 3.7–4.0 No Longer Get Security Updates (sar) Nov 30, 2022 205 wordpress
“Not Secure” Warning for IE Mode Nov 16, 2022 204 browsers, microsoft, edge, internet-explorer
Node.js Security Best Practices (nod) Nov 10, 2022 203 nodejs, best-practices
npm Security: Preventing Supply Chain Attacks (sny) Nov 7, 2022 202 npm, dependencies
Secure JavaScript URL Validation (sny) Oct 17, 2022 201 javascript, validation, urls
Create a Passkey for Passwordless Logins (age/dev) Oct 12, 2022 200 authentication, passkeys
Designing a Secure API Oct 4, 2022 199 software-design, apis
Phylum Detects Active Typosquatting Campaign Targeting npm Developers Oct 2, 2022 198 npm, dependencies
Security (htt) Sep 26, 2022 197 web-almanac, studies, research, metrics
Continue Using .env Files as Usual Sep 24, 2022 196 environments
Quick Reminder: HTML5 “required” and “pattern” Are Not a Security Feature (cod) Sep 22, 2022 195 html, forms
Stop Using .env Files Now Sep 19, 2022 194 environments
Debunking Myths About HTTPS Sep 18, 2022 193 http, myths
Secure Your Node.js App With JSON Web Tokens (app) Sep 14, 2022 192 nodejs, json-web-tokens
Dependabot Unlocks Transitive Dependencies for npm Projects (git) Sep 7, 2022 191 dependencies, npm
JavaScript Bugs Aplenty in Node.js Ecosystem—Found Automatically Aug 30, 2022 190 studies, research, nodejs, javascript, dependencies, quality
Introducing Even More Security Enhancements to npm (git) Jul 26, 2022 189 introductions, npm
Top 5 npm Vulnerability Scanners Jul 20, 2022 188 npm, vulnerabilities, tooling
What Is Passwordless Authentication and How to Implement It Jul 18, 2022 187 authentication, passwords
GA4 Is Being Blocked by Content Security Policy Jun 25, 2022 186 csp, metrics, google
Please Remove That .git Folder Jun 22, 2022 185 git
Should I Have Separate GitHub Accounts for Personal and Professional Projects? Jun 14, 2022 184 discussions, github, career
Understanding CSRF Attacks (zel) May 29, 2022 183 csrf
npm Security Update: Attack Campaign Using Stolen OAuth Tokens (git) May 26, 2022 182 oauth, version-control, npm, github
Snyk Finds 200+ Malicious npm Packages, Including Cobalt Strike Dependency Confusion Attacks (sny) May 24, 2022 181 javascript, npm, dependencies
Unexpectedly HTTPS? May 16, 2022 180 http
How to Respond to Growing Supply Chain Security Risks? Apr 3, 2022 179 how-tos, dependencies, nodejs, npm
The Web Is for Everyone: Our Vision for the Evolution of the Web (moz) Mar 23, 2022 178 web, outlooks, privacy, accessibility, performance, user-experience
Using HTTPS in Your Development Environment Mar 7, 2022 177 http, environments
How to Prevent SQL Injection Attacks in Node.js Mar 3, 2022 176 how-tos, nodejs, databases, sql
How to Fix Your Security Vulnerabilities With npm Override Feb 23, 2022 175 how-tos, vulnerabilities, npm, dependencies
Can You Get Pwned With CSS? Feb 23, 2022 174 css
Never, Ever, Ever Use Pixelation for Redacting Text Feb 15, 2022 173 content, images, obfuscation
Accessibly Insecure Jan 31, 2022 172 accessibility
Lessons Learned From Publishing a Content Security Policy Dec 14, 2021 171 lessons, csp
Ain’t No Party Like a Third Party (ada/css) Dec 3, 2021 170 dependencies, embed-code
Security (htt) Dec 1, 2021 169 web-almanac, studies, research, metrics
GitHub’s Commitment to npm Ecosystem Security (git) Nov 15, 2021 168 github, npm
Understanding and Implementing OAuth2 in Node.js (hon) Oct 18, 2021 167 nodejs, authorization, oauth
How to Win at CORS (jaf) Oct 12, 2021 166 how-tos, cors, html, http
The Options for Password-Revealing Inputs (chr/css) Oct 6, 2021 165 html, css, passwords, usability
npm Security Best Practices (owa) Aug 3, 2021 164 npm, best-practices
Encoding Data for POST Requests (jaf) Jun 30, 2021 163 javascript, encoding
NPM Global Audit Jun 16, 2021 162 packages, npm, quality, auditing
Understanding and Preventing Common Security Vulnerabilities Jun 15, 2021 161 vulnerabilities
Open Source Insights Jun 3, 2021 160 websites, foss, dependencies, licensing
I Learned to Love the Same-Origin Policy (eee/css) Dec 17, 2020 159 cors
Is Edge Computing Secure? Here Are 4 Security Risks to Be Aware Of Dec 9, 2020 158 edge-computing
TLS and mTLS Demystified Dec 9, 2020 157 tls, protocols
Best Practices for Inclusive Textual Websites Nov 23, 2020 156 performance, accessibility, best-practices
What Is mTLS and How Does It Work? Apr 30, 2020 155
Mutual TLS: Stuff You Should Know Mar 19, 2020 154 tls, protocols
Don’t Try to Sanitize Input—Escape Output Feb 27, 2020 153 sanitization, escaping
Apple Joins FIDO Alliance, Commits to Getting Rid of Passwords (zdn) Feb 12, 2020 152 apple, fido, passwords, authentication