Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime environment Node.js. Updated versions, announced in mid-December, have now been ...

Microsoft has pumped out 26 new short videos on YouTube offering beginners a path to learn about Node.js, the server-side JavaScript runtime environment for building ...

Although it is just three years old, Node.js is gaining traction as an application development platform, letting developers extend JavaScript beyond the browser and into servers. But questions remain ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Redmonk’s annual programming language rankings – based on GitHub and StackOverflow traffic – were recently released and to no one’s surprise, JavaScript was ranked as the most popular programming ...

If you like Node.js but not its package manager npm, or you want a more secure JavaScript runtime environment than Node.js, you might find the new open source project Deno of interest (the word Deno ...

Online payment service PayPal says swapping Java for node.js on its servers is allowing it to serve web pages more rapidly and simplifying the creation of server-side software. PayPal has moved from ...