流行的JavaScript包Happy DOM曝出严重安全漏洞，该漏洞可使攻击者逃逸Node.js虚拟机（VM）上下文并在主机系统上执行任意代码。该漏洞被追踪为CVE-2025-61927，CVSSv4评分为9.4。

A：Bun 1.3版本新增了支持热重载的全栈开发服务器、支持PostgreSQL/MySQL/SQLite的SQL API、Redis支持、增强路由、跨平台编译、安全扫描器API以及隔离安装功能，还优化了垃圾收集器，实现了空闲CPU时间减少100倍。

Version 1.3 of the Bun JavaScript runtime and toolkit has landed, pushing forward the project's goal to consolidate ...

Keep an eye on the future but hone your coding craft in the now. Start here, with nine timeless JavaScript coding concepts, a ...

Microsoft has brought its Go-based native TypeScript compiler to Visual Studio 2026 Insiders, marking a major milestone in ...

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...

How has JavaScript and web development changed in 2023? Learn about the top 10 updates to Next.js, React, Angular, Vue, and Node.js.

CERT-In has issued a high-severity warning over a major npm ecosystem compromise named ‘Shai-Hulud,’ targeting credentials linked to Google Cloud, AWS, Microsoft Azure, and developer accounts.

The HTTP engine inside Nitro is H3, a server geared for high-performance and portability. H3 provides the core functionality ...

A LinkedIn post by Zoho engineer Alim, originally shared four years ago, has gone viral for its powerful story of ...