Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...

Finding the right talent in the tech industry is rarely a simple task, but sourcing high-quality Node.js developers can feel ...

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...

Microsoft is previewing a new AI-assisted tool for Visual Studio Code Insiders called the JavaScript/TypeScript Modernizer. It's designed to help developers modernize older JavaScript or TypeScript ...

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its ...

This video unpacks the fierce legal showdown between Deno Land and Oracle over the ownership of the “JavaScript” trademark. We dive into the heated arguments—that the term has become generic, that ...

TypeScript 5.9 has reached the release candidate (RC) stage with enhancements for modern module behavior, hover tooltips, and deferred module evaluation. Microsoft announced the RC on July 25, ahead ...