Node.js: Updated versions patch high-risk security vulnerabilities

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...
腾讯网

利用零宽度字符的隐形JavaScript混淆工具InvisibleJS浮出水面

InvisibleJS是一款利用不可见零宽度Unicode字符隐藏JavaScript代码的新型开源工具,其潜在恶意用途已引发安全警报。该工具由开发者oscarmine托管在GitHub上,采用隐写术技术将源代码嵌入看似空白的文件中。 工作原理 ...
GitHub

VWO Feature Management and Experimentation SDK for Node.js and JavaScript(Browser)

The VWO Feature Management and Experimentation SDK (VWO FME Node SDK) enables Node.js and JavaScript developers to integrate feature flagging and experimentation into their applications. This SDK ...

Top 5 Companies to Hire Node.js Developers: An Expert Guide for 2026

Finding the right talent in the tech industry is rarely a simple task, but sourcing high-quality Node.js developers can feel ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

周下载350万次的jsPDF库曝9.2分漏洞,可经由PDF窃取敏感数据

IT之家 1 月 8 日消息,科技媒体 bleepingcomputer 昨日(1 月 7 日)发布博文,报道称广泛使用的 JavaScript PDF 生成库 jsPDF 近期报告严重安全漏洞(CVE-2025-68428),CVSS 评分高达 9 ...

已修复:周下载 350 万次的 jsPDF 库曝 9.2 分漏洞,可经由 PDF 窃取敏感 ...

IT之家 1 月 8 日消息,科技媒体 bleepingcomputer 昨日(1 月 7 日)发布博文,报道称广泛使用的 JavaScript PDF 生成库 jsPDF 近期报告严重安全漏洞(CVE-2025-68428), CVSS 评分高达 ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
InfoQ中国 on MSN

Bun 推出内置数据库客户端与零配置前端开发

Bun (一个快速全能的JavaScript运行环境)现已发布 1.3 版本。此次更新堪称迄今为止最大的一个版本,不仅实现了全栈开发能力,还推出了统一的数据库 API,并显著提升了运行时的整体性能。 Bun 1.3 ...
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...