The Hacker News

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, ...
The Hacker News

FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available

The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to ...
CSOonline

August Patch Tuesday: Authentication hole in Windows Server 2025 now has a fix

A critical zero-day vulnerability in Windows servers running the Kerberos authentication system, first disclosed in May, has now been patched by Microsoft, but must be given high priority by admins ...
Developer Tech

Node.js 24: A faster, sleeker JavaScript experience

Node.js 24 has officially arrived, and it’s bringing a rather tasty selection of improvements to the table. If you’re a developer knee-deep in web apps or wrestling with asynchronous code, this ...
GitHub

React and Node.js base template

In this repository, you will find a base template for an application with a Node.js server and a React frontend to kickstart custom app development. You can run the ...
SecurityWeek

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. Two critical-severity vulnerabilities in the Mongoose Object ...
GitHub

zerowithzero/secure-2fa-auth-api-nodejs

secure-auth-api-nodejs/ │── config/ # Passport & OAuth Configurations │── models/ # Mongoose User Model │── routes/ # API Routes (Auth, Users ...