HackingPassion.comJavascript
3 posts
vm2 Node.js Sandbox Escape 12 Critical Vulnerabilities Two Without a Patch
Twelve critical vulnerabilities were just published for vm2, a Node.js security library that sits inside millions of applications. Three of them score a perfect …
Axios npm Supply Chain Attack: How a Fake Meeting Compromised 100 Million Downloads
Axios, the JavaScript library with over 100 million weekly downloads, was compromised on March 31st. For roughly three hours, every fresh install of those two …
Linux Inside a PDF
Linux running inside a PDF. An actual working operating system with a terminal where you can type commands. Open a PDF in Chrome. Wait 30 seconds. You now have …