Node.js: Updated versions patch high-risk security vulnerabilities

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...

Node.js发布安全更新,修复所有维护版本中的7个漏洞

2026年1月13日,Node.js官方发布紧急安全更新,修复多个活跃版本中的7个中高危漏洞,涵盖内存泄漏、拒绝服务(DoS)和权限绕过等风险。官方敦促受影响系统立即升级。

Node.js紧急安全更新:7个漏洞修复,立即升级!

在2026年1月13日,Node.js官方发布了一项紧急安全更新,针对多个活跃版本中的7个中高危漏洞进行了修复。这次更新涵盖了内存泄漏、拒绝服务(DoS)攻击和权限绕过等风险,官方建议所有受影响的系统尽快升级,以确保安全性。

Top 5 Companies to Hire Node.js Developers: An Expert Guide for 2026

Finding the right talent in the tech industry is rarely a simple task, but sourcing high-quality Node.js developers can feel ...
CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...
腾讯网

利用零宽度字符的隐形JavaScript混淆工具InvisibleJS浮出水面

InvisibleJS是一款利用不可见零宽度Unicode字符隐藏JavaScript代码的新型开源工具,其潜在恶意用途已引发安全警报。该工具由开发者oscarmine托管在GitHub上,采用隐写术技术将源代码嵌入看似空白的文件中。 工作原理 ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

Malware scam: Job offers trick developers with malicious repositories

Developers now need to be careful with job offers. Criminals are trying to distribute infostealers through them.