Thanks for the update.
I've now also come across this, though I haven't a clue whether this might
affect ZOWE users:
Popular 'coa' NPM library hijacked to steal user passwords
https://www.bleepingcomputer.com/news/security/popular-coa-npm-library-hijacked-to-steal-user-passwords/
On Mon, 25 Oct 2021 05:29:53 -0500, Support, DUNNIT SYSTEMS LTD.
wrote:
>Correct. We installed node.js on our PCs in as part of the ZOWE CLI
>installation. That is what we are concerned about. We do not understand
>whether the reports I linked to may negatively affect us or not.
>
From the
Correct. We installed node.js on our PCs in as part of the ZOWE CLI
installation. That is what we are concerned about. We do not understand whether
the reports I linked to may negatively affect us or not.
--
For IBM-MAIN
On Sun, 24 Oct 2021 05:40:29 -0500, Support, DUNNIT SYSTEMS LTD.
wrote:
The only area where this could possibly be used under z/OS is with node.js and
I don't know if the version which runs on z/OS uses this version or is one just
for z/OS. You would be running node.js if you run ZOWE and
, October 24, 2021 6:40 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Asking for a friend - reported NPM/node.js vulnerabilities
I know very little about the technical side of anything Java. Those of you who
are wiser, could be please look at these 2 articles and help the rest of us to
understand how
On Sun, 24 Oct 2021, at 11:40, Support, DUNNIT SYSTEMS LTD. wrote:
> I know very little about the technical side of anything Java.
The articles are not about Java, but the unrelated and completely
different language Javascript.
Javascript often runs in a browsr (ie client-side) but there's
I know very little about the technical side of anything Java. Those of you who
are wiser, could be please look at these 2 articles and help the rest of us to
understand how and where - if at all - this poses risks on the z/OS machine
side, as well as on the platforms connected to z/OS and to
