Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 "Early ...

We are a weekly podcast and newsletter made to deliver quick and relevant JavaScript updates in just under 4 minutes. We are a weekly podcast and newsletter made to deliver quick and relevant ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...

On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named ...

Weeks after describing Amazon Web Services’ outage, which knocked over 1,000 companies and millions of internet users offline, as “a bad day,” Cloudflare CEO ...

As a small business owner, Liz understands the unique challenges entrepreneurs face. Well-versed in the digital landscape, she combines real-world experience in website design, building e-commerce ...

Claude’s blog is no more. A week after TechCrunch profiled Anthropic’s experiment to task the company’s Claude AI models with writing blog posts, Anthropic wound down the blog and redirected the ...

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...