The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
GitHub

XOWS XMPP Web-Client

XOWS (or Xows) stands for "XMPP Over WebSocket", it is a JavaScript/HTML based XMPP web client that use the WebSocket protocole. It consist on a JavaScript application as main program with additional ...
InfoQ

DuckDB's WebAssembly Client Allows Querying Iceberg Datasets in the Browser

DuckDB has recently introduced end-to-end interaction with Iceberg REST Catalogs directly within a browser tab, requiring no ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
GitHub

A client library for the Kubo RPC API

Loading this module through a script tag will make its exports available as KuboRpcClient in the global namespace. Both the Current and Active LTS versions of Node.js are supported. Please see ...
InfoQ

Bun Introduces Built-in Database Clients and Zero-Config Frontend Development

Bun 1.3 revolutionizes full-stack JavaScript development with unified database APIs and zero-config frontend setup.
InfoWorld

Intro to Hotwire: HTML over the wire

This concept isn’t new—in fact, it is the essence of representational state transfer (REST). Instead of converting to a ...