Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
InfoWorld

Samsung banks on JavaScript, Node.js for IoT

Samsung looks to leverage JavaScript as a mechanism for IoT (Internet of things) development with its IoT.js project. The recently unveiled IoT.js serves as a lightweight version of Node.js. “IoT.js ...
InfoWorld

All I want for Christmas is a server-side JavaScript framework

Could 2026 be the year of the beautiful back end? We explore the range of options for server-side JavaScript development, ...
SD Times

Node.js 14 released with improved diagnostics

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Popular JavaScript library can be hacked allowing access to user accounts

Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate validation CERT-CC warns of ...