Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...

Thirty years ago today, Netscape Communications and Sun Microsystems issued a joint press release announcing JavaScript, an object scripting language designed for creating interactive web applications ...

A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid. The flaw is tracked as ...

The AWS SDK for JavaScript v3 is a rewrite of v2 with some great new features. As with version 2, it enables you to easily work with Amazon Web Services, but has a modular architecture with a separate ...

Community driven content discussing all aspects of software development from DevOps to design patterns. Note, this article deals with client-side JavaScript. For a client and server-side JavaScript ...

Node.js 24 has officially arrived, and it’s bringing a rather tasty selection of improvements to the table. If you’re a developer knee-deep in web apps or wrestling with asynchronous code, this ...