New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released…
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Threat actors with ties to North Korea have likely become the latest…
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that…
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has…
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
Nov 28, 2025Ravie LakshmananSupply Chain Attack / Malware The North Korean threat…
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could…
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Nov 18, 2025Ravie LakshmananBrowser Security / Vulnerability Google on Monday released security…
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly…
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored…