Critical Vulnerability in Cline AI Agent Allows Remote Code Execution
A serious security flaw has been uncovered in the Cline Kanban server that puts developers’ workspace …
Node.js security
vm2 Vulnerabilities Enable Full System Takeover
A critical breakdown in one of the most trusted Node.js sandbox libraries is putting countless applications …
pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk
The npm ecosystem has become one of the most targeted environments for supply chain attacks, where …
npm Supply Chain Attack: Hugging Face Malware Abuse Explained
The npm supply chain attack targeting the malicious package js-logger-pack demonstrates a dangerous evolution in modern …
Critical Vulnerability in Next-Mdx-Remote: RCE Risk in React SSR
A critical vulnerability in next-mdx-remote has been identified that allows attackers to execute arbitrary code on …
Dangerous duer-js NPM Package Infects Windows Users
A malicious NPM package named duer-js has been discovered targeting Windows users and developers. Disguised as …