SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...
GitHub

A client library for the Kubo RPC API

Loading this module through a script tag will make its exports available as KuboRpcClient in the global namespace. Both the Current and Active LTS versions of Node.js are supported. Please see ...
InfoQ

Bun Introduces Built-in Database Clients and Zero-Config Frontend Development

Bun 1.3 revolutionizes full-stack JavaScript development with unified database APIs and zero-config frontend setup.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
InfoWorld

Intro to Hotwire: HTML over the wire

This concept isn’t new—in fact, it is the essence of representational state transfer (REST). Instead of converting to a ...
GitHub

Jellyfin API Client for JavaScript

This library is deprecated. It is recommended to use the TypeScript SDK instead. No future releases are planned and no new features will be supported. This library is meant to help clients written in ...