Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...
dbta

Chainguard Libraries for JavaScript Help Organizations Build Software More Safely and Efficiently

Chainguard, a trusted foundation for software development and deployment, is launching Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...
blockonomi

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

18 popular NPM packages with over 2 billion weekly downloads were compromised through a phishing attack targeting developer “Qix” The malware functioned as a “crypto-clipper,” silently replacing ...
CoinTelegraph

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
tech2geek

LogTape – Lightweight Logging Library for JavaScript Developers

Choosing between intrusive logging and leaving users in the dark is a classic dilemma for JavaScript developers. Do you burden your users with unnecessary dependencies for debugging, or do you forgo ...
GitHub

A lightweight, flexible, and dependency-free JavaScript library for creating responsive side panels (drawers/slide menus).

SlideReveal.js is a lightweight, flexible, and dependency-free JavaScript class for creating responsive side panels (drawers/slide menus). It supports overlays, push-body effects, filters, keyboard ...
Hacker

JavaScript Just Became 10X faster Thanks to a New Game-changing Feature From Chrome

We are a weekly podcast and newsletter made to deliver quick and relevant JavaScript updates in just under 4 minutes. byThis Week in JavaScript@thisweekinjavascript byThis Week in ...
financefeeds

Ripple’s XRP Ledger Flags Critical Backdoor in JavaScript Library

The XRP Ledger Foundation disclosed a major security flaw in the official JavaScript library used to interact with the XRP Ledger, warning that attackers inserted a backdoor to steal private keys and ...
CoinTelegraph

XRP Ledger Foundation spots ‘crypto stealing backdoor’ in code library

The Foundation said an updated software package has already been published to remove the security breach. The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript ...
Tech Thirsty

Top JavaScript Frameworks in 2025: React vs Angular vs Vue

With the rise in popularity of mobile phones for both personal and professional purposes, there is also a greater demand for fast, efficient and scalable web applications that come with flexible and ...