The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Next.js 16.2 brings updates for performance, AI agents, and Turbopack

The React framework has over 200 changes for the Turbopack bundler and aims to make the use of AI agents more efficient.
InfoWorld

What is Node.js? The JavaScript runtime explained

Node.js is a lean, fast, cross-platform JavaScript runtime environment that is useful for both servers and desktop applications. Scalability, latency, and throughput are key performance indicators for ...
InfoQ

State of JavaScript 2025: Survey Reveals a Maturing Ecosystem with TypeScript Cementing Dominance

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoWorld

Warning for developers, web admins: update Next.js to prevent exploit

Developers and web admins using the Next.js framework for building or managing interactive web applications should install a security update to plug a critical vulnerability. The vulnerability, ...
Analytics Insight

Top YouTube Channels for Node.js in 2026: Best Picks

Popular channel offering practical Node.js tutorials, REST API projects, and backend fundamentals with clear explanations ...

Attack on Next.js manufacturer Vercel: customer data exfiltrated

Vercel's internal systems and customer data were compromised in a security incident. An external AI tool served as the entry point.