Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
IEEE

Identification of Influential Nodes in Complex Networks With Degree and Average Neighbor Degree

Abstract: Identifying influential nodes in complex networks is vital for understanding their structure and dynamic behavior. Although methods based on a single characteristic of nodes have been ...
GitHub

Enterprise-grade Reference Architecture for JavaScript

This repository contains the reference architecture and components for building enterprise-grade modern composable frontends (or micro-frontends) and cloud-native applications. It is a collection of ...
GitHub

Low-Level OAuth 2 / OpenID Connect Client API for JavaScript Runtimes

This software provides a collection of routines that can be used to build client modules for OAuth 2.1, OAuth 2.0 with the latest Security Best Current Practices (BCP), and FAPI 2.0, as well as OpenID ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible ...
IEEE

Identification of Key Nodes in Complex Networks

Abstract: Identification of key nodes in network is of great significance in practical application. Some of the existing importance evaluation indexes have the defects of limited scope of application ...