The Hacker News

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...
Ars Technica

Who put this JavaScript in my COBOL? Node.cobol, that’s who

Last August, we told you about a project posted on GitHub by Romanian software developer Bizău Ionică that makes it possible for snips of legacy COBOL code to run within the JavaScript code of the ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
Bleeping Computer

Heavily used Node.js package has a code injection vulnerability

A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the "systeminformation" npm component which ...

Node.js: Updated versions patch high-risk security vulnerabilities

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...
InfoWorld

Jailed JavaScript library runs untrusted code safely in browsers, Node.js

Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...
VentureBeat

5 ways Node.js changes the rules of app development

This sponsored post is produced in association with NodeSource. The adoption of Node.js is being driven by the need to reduce the time-to-market for applications. Greater agility and reduced labor ...