Security Boulevard

Detecting browser extensions for bot detection, lessons from LinkedIn and Castle

Modern bot detection rarely deals with obviously fake browsers. Most large-scale automation today runs inside browser ...
The Hacker News

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

MESCIUS USA Introduces an AI Assistant Add-on for SpreadJS Product Line

"SpreadJS v19 brings a helpful AI Assistant to JavaScript spreadsheets that can create or explain formulas, generate or analyze PivotTables, and even do things like translation right within cells," ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
InfoQ

Bun Introduces Built-in Database Clients and Zero-Config Frontend Development

Bun 1.3 revolutionizes full-stack JavaScript development with unified database APIs and zero-config frontend setup. Experience enhanced performance with built-in Redis support and optimized bundling.
Security Boulevard

Apple’s App Store Source Map Leak: A Preventable Vulnerability We Found in 70% of Organizations

Apple’s App Store source map leak shows a preventable risk we found in 70% of organizations shipping production web apps.