The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible ...
InfoQ

jQuery Releases v4: First Major Version in Almost 10 Years

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...
GitHub

maurya-sachin/Frontend-Master-Prep-Series

Structured Q&A, coding problems, and interactive flashcards covering the complete frontend ecosystem. Actively growing repository with new content added regularly. JavaScript 9 topics 🟢 🟡 🔴 ...
Microsoft

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...
GitHub

Example projects to help you get started with Commerce.js.

Next.js - ChopChop starter kit Open source demo and starker kit built with Next.js and Commerce.js. One click deploy to Vercel, read the blog Next.js - Fullly fledged eCommerce store Open source demo ...