nodejs

Browse all articles, tutorials, and guides about nodejs

3posts

Posts

⌘K

2026-06-12|9 min read

npm v12 Will Stop Running Install Scripts. We Audited Our Repos to See What Actually Breaks

Starting with npm v12 (estimated July 2026), dependency install scripts will not run unless you allowlist them. We ran the new audit tooling on our own production repos: 65 packages flagged, 4 that matter, and a surprising amount of nothing breaking.

DevOps

2026-04-03|11 min read

CVE-2025-55182 React2Shell: 766 Next.js Hosts Breached in 24 Hours

A CVSS 10.0 RCE in React Server Components let attackers breach 766 Next.js hosts in a single day, stealing database credentials, SSH keys, and cloud secrets. Here is how it works, who is affected, and what to do right now.

DevOps

2026-03-31|7 min read

The Axios Supply Chain Attack: What DevOps Teams Need to Know

A compromised npm maintainer account led to malicious axios versions deploying a RAT across macOS, Windows, and Linux. Here is what happened, how to check if you are affected, and how to prevent this in your pipeline.