Security Boulevard

Best of 2025: CVE-2025-29927 – Understanding the Next.js Middleware Vulnerability

When security vulnerabilities appear in popular frameworks, they can affect thousands of websites overnight. That’s exactly what’s happening with a newly discovered vulnerability in Next.js – one of ...
GIGAZINE

A critical vulnerability in Next.js that has existed for several years has allowed hackers to bypass middleware-based authentication, and Vercel fixed the vulnerability on ...

A critical vulnerability has been discovered in Next.js, an open source web development framework, that could allow an attacker to bypass authentication checks. Next.js is a React framework for ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Dark Reading

Coding Tips to Sidestep JavaScript Vulnerabilities

The Internet was all about gray backgrounds and dull text boxes in the '90s. But JavaScript changed that, allowing us to enjoy dynamic text, interactive websites, and clickable elements without ...
InfoQ

Node Security Project Aims at Making Node.js More Secure

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...
Computer Weekly

Vulnerabilities in JavaScript: Secure coding insights and tips

The perceptions that critical operations are performed on the server side and that all data is stored there are incorrect. What many browsers do today involves reaching out over an unencrypted ...
Dark Reading

Contrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React, and jQuery Frameworks

Los Altos, CA —October 5, 2022 — Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced the expansion of its Secure Code Platform’s ...