Popular JavaScript library can be hacked allowing access to user accounts

Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate validation CERT-CC warns of ...

Popular Forge library gets fix for signature verification bypass flaw

A vulnerability in the 'node-forge' package, a popular JavaScript cryptography library, could be exploited to bypass ...
InfoWorld

Intro to Nest.js: Server-side JavaScript development on Node

Nest’s design is philosophically inspired by Angular. At its heart is a dependency injection (DI) engine that wires together ...
Tech Digest

Underwater drones deployed, Javascript library vulnerable to hacking

Flying drones have changed land battles forever. Now the same thing is happening under the sea with underwater drones ...
ZDNet

Show-stopping bug appears in npm Node.js package manager

Are you a developer who uses npm as the package manager for your JavaScript or Node.js code? If so, do not -- I repeat do not -- upgrade to npm 5.7.0. Nothing good can come of it. As one user reported ...
InfoWorld

Samsung banks on JavaScript, Node.js for IoT

Samsung looks to leverage JavaScript as a mechanism for IoT (Internet of things) development with its IoT.js project. The recently unveiled IoT.js serves as a lightweight version of Node.js. “IoT.js ...
The Register on MSN

PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle

Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm ...
TechCrunch

The Node.js and JS foundations want to merge

There are currently two main open-source foundations that focus on JavaScript: the JS Foundation, which was founded in 2016, and the Node.js Foundation, which launched in 2015. The JS Foundation’s ...