Dependency confusion in npm: Why your private registry isn't enough
Think your internal npm packages are safe just because they're hosted on a private registry? All it takes is one clever attacker and a public registry.
Apr 28, 2025 · 4 min read

Series
In this series I'll talk about Node.js security

Running npm install without thinking is like giving strangers admin access to your machine. Learn what really happens, and how to defend yourself.
