Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

We're excited to announce the release of Node.js 26! Highlights include the Temporal API enabled by default, updates to the V8 JavaScript engine to 14.6, Undici to 8.0, and several important ...

Bitdefender researchers have discovered a malicious Windsurf IDE (integrated development environment) extension that deploys a multi-stage NodeJS stealer by using the Solana blockchain as the payload ...

Feature bloat, or added value for this JavaScript toolkit? The Bun team has released version 1.2.21 of its JavaScript bundler and runtime, written in Zig, adding features including built-in drivers ...

After a release candidate, the final release Deno 2.0 is now available. The runtime for JavaScript and TypeScript is now compatible with Node.js and npm and stabilizes the standard library after four ...

JavaScript continues to dominate the web development landscape, powering everything from simple websites to complex web applications. As the demand for dynamic, interactive web experiences grows, so ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

A little bit about Node.js, it is a beautifully written cross-platform open-source JavaScript runtime environment built on Google’s Chrome’s V8 JavaScript engine. Node.js basically lets you code ...