The Hacker News

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...
GitHub

XOWS XMPP Web-Client

XOWS (or Xows) stands for "XMPP Over WebSocket", it is a JavaScript/HTML based XMPP web client that use the WebSocket protocole. It consist on a JavaScript application as main program with additional ...
IEEE

Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...
GitHub

Laravel Loop is a powerful Model Context Protocol (MCP) server designed specifically for Laravel applications. It connects your Laravel application with AI assistants using the ...

Laravel Loop and its pre-built tools are still in development and this is a beta version. For this to be really useful, you need to connect your MCP client (Claude Code, Claude Desktop, Cursor, ...
theregister

React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines

Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in ...