The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...
The Hacker News

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

Compromised npm packages targeted Red Hat cloud services, enabling credential theft and expanding supply chain risks.
Bleeping Computer

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...
GitHub

Telegram bot nodes for Node-RED

If you want to support this free project. Any help is welcome. You can donate by clicking one of the following links: It is recommended to always do a full deploy when you changed some of the nodes of ...
GitHub

Shelly nodes for node-red

Shelly Pro Dimmer 0/1-10V PM SPCC-001PE10EU Dimmer Shelly Pro 3 SPSW-003XE16EU Relay Shelly Pro 3EM SPEM-003CEBEU Measure Shelly Pro 3EM SPEM-003CEBEU120 Measure Shelly Pro 3EM-400 SPEM-003CEBEU400 ...