The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend ...

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow attackers to extract credentials and files — and gain a lateral edge.

We are a weekly podcast and newsletter made to deliver quick and relevant JavaScript updates in just under 4 minutes. We are a weekly podcast and newsletter made to deliver quick and relevant ...

The UK’s Royal Navy has bought a fleet of Remus 300 unmanned underwater vehicles from US defence contractor HII. Photo: HII A popular JavaScript cryptography library is vulnerable in a way which could ...

Results from the State of JavaScript survey are in and the results may shock you. Compare frontend web frameworks like React, Angular, Vue, and Svelte. Find out how backend frameworks stack up like ...

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...

18 popular NPM packages with over 2 billion weekly downloads were compromised through a phishing attack targeting developer “Qix” The malware functioned as a “crypto-clipper,” silently replacing ...

The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. Hackers have only managed to ...

React conquered XSS? Think again. That's the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from prototype ...

This rule is a variant of one targeting libraries (cf #37) and is meant to check the framework being used by the project Even if it can fill like difficult to fix for already existing big projects, ...