#node-js — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #node-js, aggregated by home.social.
-
Slint and the Node.js Event Loop https://lobste.rs/s/mml4wf #nodejs #rust
https://slint.dev/blog/slint-and-the-nodejs-event-loop -
Slint and the Node.js Event Loop https://lobste.rs/s/mml4wf #nodejs #rust
https://slint.dev/blog/slint-and-the-nodejs-event-loop -
A Djinn in the Machine: TaskWeaver's Node.js Intrusion Chain
An intrusion was investigated that began with exploitation of CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp RMM software. The threat actor obtained unauthorized technician access and deployed two previously undocumented malware samples: TaskWeaver and Djinn Stealer. TaskWeaver is a heavily obfuscated Node.js loader that establishes encrypted communications and delivers additional payloads. Djinn Stealer targets credentials across Windows, macOS, and Linux systems, collecting authentication data for cloud platforms, source control, package registries, AI development assistants, browsers, SSH keys, and cryptocurrency wallets. The attacker leveraged legitimate RMM capabilities to transfer files and execute commands across managed systems. Stolen AI assistant tokens provided extensive access to repositories, databases, and cloud accounts. The intrusion demonstrated how a single authentication bypass in trusted management infrastructure can enable widespread credential theft and p...
Pulse ID: 6a432365e2207bde8681b975
Pulse Link: https://otx.alienvault.com/pulse/6a432365e2207bde8681b975
Pulse Author: AlienVault
Created: 2026-06-30 02:01:09Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #Cloud #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #Nodejs #OTX #OpenThreatExchange #RAT #RCE #Rust #SSH #Vulnerability #Windows #bot #cryptocurrency #AlienVault
-
A Djinn in the Machine: TaskWeaver's Node.js Intrusion Chain
An intrusion was investigated that began with exploitation of CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp RMM software. The threat actor obtained unauthorized technician access and deployed two previously undocumented malware samples: TaskWeaver and Djinn Stealer. TaskWeaver is a heavily obfuscated Node.js loader that establishes encrypted communications and delivers additional payloads. Djinn Stealer targets credentials across Windows, macOS, and Linux systems, collecting authentication data for cloud platforms, source control, package registries, AI development assistants, browsers, SSH keys, and cryptocurrency wallets. The attacker leveraged legitimate RMM capabilities to transfer files and execute commands across managed systems. Stolen AI assistant tokens provided extensive access to repositories, databases, and cloud accounts. The intrusion demonstrated how a single authentication bypass in trusted management infrastructure can enable widespread credential theft and p...
Pulse ID: 6a432365e2207bde8681b975
Pulse Link: https://otx.alienvault.com/pulse/6a432365e2207bde8681b975
Pulse Author: AlienVault
Created: 2026-06-30 02:01:09Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #Cloud #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #Nodejs #OTX #OpenThreatExchange #RAT #RCE #Rust #SSH #Vulnerability #Windows #bot #cryptocurrency #AlienVault
-
🚀 How to Deploy #Directus on #Ubuntu #VPS
This guide details the steps required to deploy Directus on Ubuntu VPS server. Our guide walks through deploying Directus on a fresh Ubuntu VPS with PostgreSQL, PM2, and Nginx.
What is Directus?
Directus is an open-source headless CMS and data platform that sits on top of a SQL database (like PostgreSQL or MySQL) and ...
Continued 👉 https://blog.radwebhosting.com/deploy-directus-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #nodejs #headlesscms #opensource #contentmanagement #selfhosted #selfhosting #cmsapps -
🚀 Deploy #Claude Code on #Ubuntu #VPS
This article demonstrates how to deploy Claude Code on Ubuntu VPS.What is Claude Code?
Claude Code refers to using Claude (Anthropic’s AI model family) as a development assistant for writing, reviewing, refactoring, and reasoning about code — typically through an API-driven backend, CLI tool, IDE integration, or internal ...
Continued 👉 https://blog.radwebhosting.com/deploy-claude-code-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #claudecode #nodejs #selfhosted #reverseproxy #letsencrypt #selfhosting #anthropic -
RAT Abuses TON Blockchain to Target Japan's Hotel Industry
A sophisticated phishing campaign observed in May 2026 targets Japanese accommodation facilities partnering with Booking.com. Attackers impersonate guest complaints and review requests through emails, tricking hotel staff into downloading malicious ZIP files containing shortcut links disguised as photos. The malware, TONResolver, employs The Open Network blockchain platform as a dead drop resolver to dynamically retrieve command-and-control server addresses, making detection and takedown difficult. The attack uses Node.js with VM-based obfuscation and establishes encrypted WebSocket connections using ECDH key exchange and AES-256-CBC encryption. Two delivery methods were identified: bulk phishing and conversational attacks via Gmail that build trust before delivering malicious URLs. Once infected, endpoints maintain persistent Keepalive connections awaiting attacker commands for credential theft and additional malware deployment, with observed follow-on activity targeting browser-stored credentials from Ch...
Pulse ID: 6a42d46fe5317e409adbaaa3
Pulse Link: https://otx.alienvault.com/pulse/6a42d46fe5317e409adbaaa3
Pulse Author: AlienVault
Created: 2026-06-29 20:24:15Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BlockChain #Browser #CyberSecurity #Email #Encryption #Endpoint #InfoSec #Japan #Malware #Nodejs #OTX #OpenThreatExchange #Phishing #RAT #Rust #ZIP #bot #AlienVault
-
RAT Abuses TON Blockchain to Target Japan's Hotel Industry
A sophisticated phishing campaign observed in May 2026 targets Japanese accommodation facilities partnering with Booking.com. Attackers impersonate guest complaints and review requests through emails, tricking hotel staff into downloading malicious ZIP files containing shortcut links disguised as photos. The malware, TONResolver, employs The Open Network blockchain platform as a dead drop resolver to dynamically retrieve command-and-control server addresses, making detection and takedown difficult. The attack uses Node.js with VM-based obfuscation and establishes encrypted WebSocket connections using ECDH key exchange and AES-256-CBC encryption. Two delivery methods were identified: bulk phishing and conversational attacks via Gmail that build trust before delivering malicious URLs. Once infected, endpoints maintain persistent Keepalive connections awaiting attacker commands for credential theft and additional malware deployment, with observed follow-on activity targeting browser-stored credentials from Ch...
Pulse ID: 6a42d46fe5317e409adbaaa3
Pulse Link: https://otx.alienvault.com/pulse/6a42d46fe5317e409adbaaa3
Pulse Author: AlienVault
Created: 2026-06-29 20:24:15Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BlockChain #Browser #CyberSecurity #Email #Encryption #Endpoint #InfoSec #Japan #Malware #Nodejs #OTX #OpenThreatExchange #Phishing #RAT #Rust #ZIP #bot #AlienVault
-
🚀 How to Deploy #Directus on #Ubuntu #VPS
This guide details the steps required to deploy Directus on Ubuntu VPS server. Our guide walks through deploying Directus on a fresh Ubuntu VPS with PostgreSQL, PM2, and Nginx.
What is Directus?
Directus is an open-source headless CMS and data platform that sits on top of a SQL database (like PostgreSQL or MySQL) and ...
Continued 👉 https://blog.radwebhosting.com/deploy-directus-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #selfhosted #cmsapps #nodejs #headlesscms #selfhosting #contentmanagement #opensource -
🚀 How to Deploy #Directus on #Ubuntu #VPS
This guide details the steps required to deploy Directus on Ubuntu VPS server. Our guide walks through deploying Directus on a fresh Ubuntu VPS with PostgreSQL, PM2, and Nginx.
What is Directus?
Directus is an open-source headless CMS and data platform that sits on top of a SQL database (like PostgreSQL or MySQL) and ...
Continued 👉 https://blog.radwebhosting.com/deploy-directus-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #selfhosted #cmsapps #nodejs #headlesscms #selfhosting #contentmanagement #opensource -
🚀 How to Install and Run Rocket.Chat on #Debian #VPS This article describes how to install and run Rocket.Chat on Debian VPS.
What is Rocket.Chat?
Rocket.Chat is an open-source communication platform designed for ...
Continued 👉 #selfhosted #certbot #selfhosting #nginx #nodejs #rocketchat
🚀 How to Install and Run Rocke... -
🚀 How to Install and Run Rocket.Chat on #Debian #VPS This article describes how to install and run Rocket.Chat on Debian VPS.
What is Rocket.Chat?
Rocket.Chat is an open-source communication platform designed for ...
Continued 👉 #selfhosted #certbot #selfhosting #nginx #nodejs #rocketchat
🚀 How to Install and Run Rocke... -
🚀 How to Deploy #CapRover on #Ubuntu #VPS
This article provides a guide demonstrating how to deploy CapRover on Ubuntu VPS.
What is CapRover?
CapRover is a free, open-source Platform-as-a-Service (PaaS) that lets you deploy web applications, databases, and #Docker containers with a simple web interface. It provides a Heroku-like experience on your own VPS while automatically ...
Continued 👉 https://blog.radwebhosting.com/deploy-caprover-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #git #letsencrypt #ufw #selfhosting #npm #nodejs #certbot #selfhosted -
🛡️ Weekly CVE Roundup is here! We're highlighting a critical path traversal bypass in Node.js (CVE-2026-3102) and discussing why experimental features can be a liability in production. Stay ahead of the latest security trends. 🔒 Read more: https://cvedatabase.com/blog/weekly-cve-roundup-critical-node-js-permission-bypass-and-late-may-security-tren-2026-05-31 #NodeJS #CyberSecurity #CVE #Infosec #VulnerabilityManagement
-
⚡ Slint 1.17 gives the Node.js binding a big upgrade.
#Slint's event loop now hooks straight into #libuv on Linux & macOS: UI events are handled instantly, and idle apps drop to 0% CPU (no more 16 ms polling).
Full deep dive 👇
https://slint.dev/blog/slint-and-the-nodejs-event-loop -
⚡ Slint 1.17 gives the Node.js binding a big upgrade.
#Slint's event loop now hooks straight into #libuv on Linux & macOS: UI events are handled instantly, and idle apps drop to 0% CPU (no more 16 ms polling).
Full deep dive 👇
https://slint.dev/blog/slint-and-the-nodejs-event-loop -
TeamPCP: как команда хакеров-любителей «Дюны» закинула в наши Node.js-пакеты червей Shai-Hulud
npm install — такая привычная многим из читателей команда, но за последние пару месяцев она обернулась сущим кошмаром для инженеров по безопасности. И ладно бы всё сводилось к проверке 5 пакетов из package.json , но у каждой зависимости по 10 своих зависимостей, а у тех ещё по 10. В итоге мы тянем 2000, а не 5 пакетов, и тут, кажется, уже руками не проверишь. И именно на этой боли всех безопасников, поддерживающих JS-проекты, сыграла команда TeamPCP. В этой статье я хочу подробно, от А до Я, разобраться, в чём опасность, почему так произошло и как от этого защититься.
-
⚙️ My full-stack AI app architecture for 2026:
→ Next.js 15 (App Router) frontend
→ tRPC for type-safe API layer
→ PostgreSQL + pgvector for embeddings
→ Redis for caching + sessions
→ BullMQ for async AI jobs
→ Vercel AI SDK for streaming
→ Drizzle ORM for DB queriesEvery piece earns its place. No fluff.
#Architecture #FullStack #AI #NextJS #TypeScript #WebDev #NodeJS
-
⚙️ My full-stack AI app architecture for 2026:
→ Next.js 15 (App Router) frontend
→ tRPC for type-safe API layer
→ PostgreSQL + pgvector for embeddings
→ Redis for caching + sessions
→ BullMQ for async AI jobs
→ Vercel AI SDK for streaming
→ Drizzle ORM for DB queriesEvery piece earns its place. No fluff.
#Architecture #FullStack #AI #NextJS #TypeScript #WebDev #NodeJS
-
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Pulse ID: 6a420140079ad52fd08a3aef
Pulse Link: https://otx.alienvault.com/pulse/6a420140079ad52fd08a3aef
Pulse Author: Tr1sa111
Created: 2026-06-29 05:23:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Hospital #InfoSec #Nodejs #OTX #OpenThreatExchange #ZIP #bot #Tr1sa111
-
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Pulse ID: 6a420140079ad52fd08a3aef
Pulse Link: https://otx.alienvault.com/pulse/6a420140079ad52fd08a3aef
Pulse Author: Tr1sa111
Created: 2026-06-29 05:23:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Hospital #InfoSec #Nodejs #OTX #OpenThreatExchange #ZIP #bot #Tr1sa111
-
🚀 Deploy #OpenStatus on #Debian #VPS (5 Minute Quick-Start Guide)
This article provides a start-to-finish, production-ready guide to deploy OpenStatus on Debian VPS, including all required prerequisites and a clean, repeatable deployment flow.
What is OpenStatus?
OpenStatus is an open-source uptime #monitoring and status page platform designed to help you monitor services, track incidents, and ...
Continued 👉 https://blog.radwebhosting.com/deploy-openstatus-on-debian-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #letsencrypt #corepack #selfhosted #nodejs #selfhosting -
How to Install #Directus on #AlmaLinux #VPS
Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus? ...
Continued 👉 #letsencrypt #cmsapps #selfhosted #opensource #contentmanagement #postgresql #npm #installguide #selfhosting #vpsguide #nodejs
How to Install Directus on Alm... -
How to Install #Directus on #AlmaLinux #VPS
Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus? ...
Continued 👉 #letsencrypt #cmsapps #selfhosted #opensource #contentmanagement #postgresql #npm #installguide #selfhosting #vpsguide #nodejs
How to Install Directus on Alm... -
Node.js 26.4.0 landed June 24 on the Current line. The headline is a minimal `node:vfs` virtual filesystem subsystem, joined by caller-supplied buffers for `readFile()`, a TLS `certificateCompression` option, and module-loader package maps. The VFS ships in core, so single-file apps and test fixtures can back the filesystem without a native module. What's the first thing you'd back with node:vfs once it stabilizes?
-
Многоэтапные сборки в Docker: как уменьшить образ с 1,2 ГБ до 50 МБ
Знакомая картина: вы написали микросервис, набросали Dockerfile из четырёх команд — и получили образ на 1,2 ГБ. В единичном случае не страшно, но этот гигабайт гоняется по сети десятки раз в день: при каждом коммите в CI, на preview-окружениях, при деплое в кластеры. В итоге — минуты ожидания пайплайнов, счета за трафик и хранение, плюс лишние системные пакеты с десятками CVE. Показываем на Node.js и Go, как ужать образ с 1,2 ГБ до 50 МБ через multi-stage — без единой строчки правок в коде. Раскатать без боли →
https://habr.com/ru/companies/netologyru/articles/1051714/
#docker #multistage_builds #dockerfile #оптимизация_Dockerобраза #alpine_linux #nodejs #контейнеризация #buildkit #distroless #cicd
-
-
🚀 Deploy #Zonemaster on #Debian #VPS
This article provides a guide demonstrating how to deploy Zonemaster on Debian VPS.
What is Zonemaster?
Zonemaster is an open-source #DNS testing and validation framework designed to thoroughly analyze the health, correctness, and performance of a domain’s DNS configuration. It is jointly developed and maintained by AFNIC (registry for .fr) and ...
Continued 👉 https://blog.radwebhosting.com/deploy-zonemaster-on-debian-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #redis #opensource #selfhosted #letsencrypt #selfhosting #nodejs -
Из одного слова целый бренд. Как развивался Колорит
Несколько дней назад я сделал маленький инструмент для себя. Надоело каждый раз начинать новый проект с колеса оттенков: крутишь Coolors, листаешь Pinterest, смотришь на чужие палитры, которые «почти подходят». А ведь у проекта уже есть образ, это слово. Рассвет. Шторм. Тёмный лес. У каждого слова есть свой цвет, который чувствуешь интуитивно. Просто никто не переводит его в HEX за тебя. Так появился Колорит : вводишь слово, ИИ собирает палитру. Я написал про него на Хабре . А потом поймал себя на новой мысли. Палитра это ведь только начало. После цвета всё равно нужно имя, слоган, шрифты, ощущение движения. Почему всё это должно начинаться с нуля, если отправная точка одна и та же? Так Колорит перестал быть просто генератором палитр и стал маленьким конструктором бренда.
https://habr.com/ru/articles/1052768/
#Nodejs #JavaScript #DeepSeek #Canvas_API #AI #Дизайн #Вебразработка #Инструменты_разработчика #Prompt_Engineeringfree
-
Как генератор палитр дорос до конструктора бренда: один ИИ-эндпоинт, дырявая ссылка и грабли деплоя Несколь...
#Node.js #JavaScript #DeepSeek #Canvas #API #AI #Дизайн #Веб-разработка #Инструменты #разработчика #Prompt
Origin | Interest | Match -
Из одного слова целый бренд. Как развивался Колорит Несколько дней назад я сделал маленький инструмент для ...
#Node.js #JavaScript #DeepSeek #Canvas #API #AI #Дизайн #Веб-разработка #Инструменты #разработчика #Prompt
Origin | Interest | Match -
🚀 Deploy #Claude Code on #Ubuntu #VPS
This article demonstrates how to deploy Claude Code on Ubuntu VPS.What is Claude Code?
Claude Code refers to using Claude (Anthropic’s AI model family) as a development assistant for writing, reviewing, refactoring, and reasoning about code — typically through an API-driven backend, CLI tool, IDE integration, or internal ...
Continued 👉 https://blog.radwebhosting.com/deploy-claude-code-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #reverseproxy #nodejs #selfhosted #letsencrypt #selfhosting #claudecode #anthropic -
🚀 Deploy #Claude Code on #Ubuntu #VPS
This article demonstrates how to deploy Claude Code on Ubuntu VPS.What is Claude Code?
Claude Code refers to using Claude (Anthropic’s AI model family) as a development assistant for writing, reviewing, refactoring, and reasoning about code — typically through an API-driven backend, CLI tool, IDE integration, or internal ...
Continued 👉 https://blog.radwebhosting.com/deploy-claude-code-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #reverseproxy #nodejs #selfhosted #letsencrypt #selfhosting #claudecode #anthropic -
🚀 Deploy #Zonemaster on #Debian #VPS
This article provides a guide demonstrating how to deploy Zonemaster on Debian VPS.
What is Zonemaster?
Zonemaster is an open-source #DNS testing and validation ...
Continued 👉 #letsencrypt #redis #opensource #nodejs #selfhosted #selfhosting
🚀 Deploy Zonemaster on Debian ... -
How to Install #Directus on #AlmaLinux #VPS
Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus?
Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
Continued 👉 https://blog.radwebhosting.com/install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #selfhosting #vpsguide #postgresql #cmsapps #selfhosted #nodejs #opensource #npm #letsencrypt #contentmanagement #installguide -
It's been a looooong time since I wrote a technical article for my #blog
This one is about my work on Logtau, a collection of logging libraries for #NodeJS : https://blog.coderspirit.xyz/blog/2026/06/27/engineering-a-fast-logger/
-
It's been a looooong time since I wrote a technical article for my #blog
This one is about my work on Logtau, a collection of logging libraries for #NodeJS : https://blog.coderspirit.xyz/blog/2026/06/27/engineering-a-fast-logger/
-
Дизайн-система Kite: путь от «порядка» к «воздушному змею»
Привет! Меня зовут Рома. С 2023 года я отвечаю за технику и архитектуру дизайн-системы в Туту, а с 2025 — возглавляю саму команду. За это время я понял: дизайн-система — это сложный и местами болезненный компромисс между кодом, дизайном и бизнесом. Написать гибкие компоненты и собрать UI-кит — лишь 20% успеха. Остальные 80% — это долгие детальные переговоры и поиск точек соприкосновения. Продуктовые команды тоже хотят делать качественный продукт, но их главный ресурс — время. Полетели!
https://habr.com/ru/companies/tuturu/articles/1052200/
#дизайнсистема #дизайнсистемы #дизайн_интерфейсов #дизайн #разработка_под_android #разработка_под_ios #фронтенд_разработка #nodejs #дизайнтокены #figma_design
-
🚀 How to Deploy #CapRover on #Ubuntu #VPS
This article provides a guide demonstrating how to deploy CapRover on Ubuntu VPS.
What is CapRover?
CapRover is a free, open-source Platform-as-a-Service (PaaS) that lets you deploy web applications, databases, and #Docker containers with a simple web interface. It provides a Heroku-like experience on your own VPS while automatically ...
Continued 👉 https://blog.radwebhosting.com/deploy-caprover-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #certbot #selfhosting #selfhosted #ufw #git #nodejs #npm #letsencrypt -
🚀 How to Deploy #CapRover on #Ubuntu #VPS
This article provides a guide demonstrating how to deploy CapRover on Ubuntu VPS.
What is CapRover?
CapRover is a free, open-source Platform-as-a-Service (PaaS) that lets you deploy web applications, databases, and #Docker containers with a simple web interface. It provides a Heroku-like experience on your own VPS while automatically ...
Continued 👉 https://blog.radwebhosting.com/deploy-caprover-on-ubuntu-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #certbot #selfhosting #selfhosted #ufw #git #nodejs #npm #letsencrypt -
🚀 How to Install and Run Rocket.Chat on #Debian #VPS This article describes how to install and run Rocket.Chat on Debian VPS.
What is Rocket.Chat?
Rocket.Chat is an open-source communication platform designed for team collaboration and messaging, similar to Slack or Microsoft Teams. It offers a flexible, self-hosted alternative for businesses, communities, and developers who want full control ...
Continued 👉 https://blog.radwebhosting.com/install-and-run-rocket-chat-on-debian-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #selfhosted #nodejs #rocketchat #nginx #selfhosting #certbot -
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Since April 2026, a sophisticated multi-stage intrusion campaign has targeted hospitality and hotel organizations across Europe and Asia. The operation uses photo-themed ZIP archives containing malicious shortcut files disguised as images. When executed, these shortcuts initiate an attack chain involving obfuscated PowerShell, Node.js-based implants, and dual registry persistence mechanisms. The threat actor exploits legitimate services like Calendly and Google redirects for phishing delivery, employing authentication laundering to bypass email security controls. The campaign evolved through two waves, introducing .NET DLL compilation, Cloudflare-fronted infrastructure, and refined obfuscation techniques. Post-compromise activities include command-and-control beaconing over non-standard ports, forced shutdowns, and portable executable compilation, suggesting preparation for additional malicious operations.
Pulse ID: 6a3df8979895cc716bfbf931
Pulse Link: https://otx.alienvault.com/pulse/6a3df8979895cc716bfbf931
Pulse Author: AlienVault
Created: 2026-06-26 03:57:11Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Asia #Cloud #CyberSecurity #Email #Europe #Google #Hospital #InfoSec #NET #Nodejs #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #RCE #SMS #ZIP #bot #AlienVault
-
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Since April 2026, a sophisticated multi-stage intrusion campaign has targeted hospitality and hotel organizations across Europe and Asia. The operation uses photo-themed ZIP archives containing malicious shortcut files disguised as images. When executed, these shortcuts initiate an attack chain involving obfuscated PowerShell, Node.js-based implants, and dual registry persistence mechanisms. The threat actor exploits legitimate services like Calendly and Google redirects for phishing delivery, employing authentication laundering to bypass email security controls. The campaign evolved through two waves, introducing .NET DLL compilation, Cloudflare-fronted infrastructure, and refined obfuscation techniques. Post-compromise activities include command-and-control beaconing over non-standard ports, forced shutdowns, and portable executable compilation, suggesting preparation for additional malicious operations.
Pulse ID: 6a3df8979895cc716bfbf931
Pulse Link: https://otx.alienvault.com/pulse/6a3df8979895cc716bfbf931
Pulse Author: AlienVault
Created: 2026-06-26 03:57:11Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Asia #Cloud #CyberSecurity #Email #Europe #Google #Hospital #InfoSec #NET #Nodejs #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #RCE #SMS #ZIP #bot #AlienVault
-
Node.js 26.4.0 (Current), by @aduh95.bsky.social (@nodejs):
https://nodejs.org/en/blog/release/v26.4.0?ref=frontenddogma.com
-
Node.js 26.4.0 (Current), by @aduh95.bsky.social (@nodejs):
https://nodejs.org/en/blog/release/v26.4.0?ref=frontenddogma.com
-
cPanel Shared Hosting Server Specs This article provides an in-depth analysis of our #cPanel Shared Hosting server specs and features powering the 100%-SSD cPanel Hosting services.
cPanel Shared Hosting Server Specs
The ...
Continued 👉 https://blog.radwebhosting.com/cpanel-shared-hosting-server-specs/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #mailman #modsecurity #memcached #caldav #csf #ddosprotection #malwareremoval #gitversioncontrol #cloudlinux #nodejs #pgadmin #cardav #imap #malwarescanner #multiphp #firewall #cloudsitebuilder #imagemagick #imunify360 #cagefs #lscache -
Node.js WebCrypto in v22.22.3, v24.16.0, v26.3.0 is affected by CVE-2026-48933 (HIGH). Integer overflow in subtle.encrypt() can crash processes with inputs ≥ 2 GiB, causing DoS. Avoid large inputs while awaiting a fix. 🔐 https://radar.offseq.com/threat/cve-2026-48933-cwe-190-integer-overflow-in-nodejs--5c33db78fed81dbe #OffSeq #Nodejs #Vuln
-
CVE-2026-48618: Node.js HIGH severity vuln in TLS hostname handling (Unicode dot normalization flaw). Affects 22.22.3, 24.16.0, 26.3.0. No patch yet — restrict use & monitor vendor advisory. https://radar.offseq.com/threat/cve-2026-48618-cwe-176-improper-handling-of-unicod-6526a729870e7650 #OffSeq #NodeJS #Vulnerability #TLS #Security
-
🚀 How to Deploy #Directus on #Ubuntu #VPS
This guide details the steps required to deploy Directus on Ubuntu VPS server. Our guide walks through deploying Directus on a fresh Ubuntu VPS ...
Continued 👉 #selfhosting #selfhosted #cmsapps #headlesscms #nodejs #opensource #contentmanagement
🚀 How to Deploy Directus on Ub... -
🚀 How to Deploy #Directus on #Ubuntu #VPS
This guide details the steps required to deploy Directus on Ubuntu VPS server. Our guide walks through deploying Directus on a fresh Ubuntu VPS ...
Continued 👉 #selfhosting #selfhosted #cmsapps #headlesscms #nodejs #opensource #contentmanagement
🚀 How to Deploy Directus on Ub... -
#NodeJS NPM 12 includes additional restrictions for security/supply chain integrity reasons. This can have a significant impact on certain use cases which rely on postinstall scripts to complete installations.
Here is an example case for the IBM MQ module which covers some of the problems. https://marketaylor.synology.me/?p=1912
There are ongoing discussions in https://github.com/nodejs/Release/issues/1161 as to whether this update should go into Node's existing releases. If you have a view feel free to let it be known there!
-
How to Install #Directus on #AlmaLinux #VPS
Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus?
Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
Continued 👉 https://blog.radwebhosting.com/install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #postgresql #contentmanagement #cmsapps #selfhosting #vpsguide #letsencrypt #npm #installguide #selfhosted #opensource #nodejs