Only together we can help to deliver a good software!
😉
Small steps always helping community!
#angular #angularjs #growtogether #software #developer #js #ts #javanoscript #typenoscript
😉
Small steps always helping community!
#angular #angularjs #growtogether #software #developer #js #ts #javanoscript #typenoscript
‼️ Does anyone here use n8n? 10/10 RCE - Named: Ni8mare
You visit bleeping computer once and... bang, another infrastructure RCE 10/10 – yeay!
https://www.bleepingcomputer.com/news/security/max-severity-ni8mare-flaw-lets-hackers-hijack-n8n-servers/
You visit bleeping computer once and... bang, another infrastructure RCE 10/10 – yeay!
https://www.bleepingcomputer.com/news/security/max-severity-ni8mare-flaw-lets-hackers-hijack-n8n-servers/
A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.
The security issue is identified as CVE-2026-21858 and has a 10 out of 10 severity score. According to researchers at data security company Cyera, there are more than 100,000 vulnerable n8n servers.
n8n is an open-source workflow automation tool that allows users to connect applications, APIs, and services into complex workflows via a visual editor. It is primarily used to automate tasks and supports integrations with AI and large language model (LLM) services.
🗿1
Hey Folks!!! PARA-PARA-PARADOX....
The story (👆🏻) of Tailwind and core-js will certainly resonate as a cautionary tale in the developer community for a long time. It is a true paradox of our time: we are building increasingly powerful tools, yet the way we keep them alive is more fragile than ever.
#tailwind #corejs #ai
The story (👆🏻) of Tailwind and core-js will certainly resonate as a cautionary tale in the developer community for a long time. It is a true paradox of our time: we are building increasingly powerful tools, yet the way we keep them alive is more fragile than ever.
#tailwind #corejs #ai
⚠️ SECURITY RELEASE: Node.js 24.13.0 (LTS) — 2026-01-13 🟢🔒
https://nodejs.org/en/blog/release/v24.13.0
Notable Changes
(CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) https://github.com/nodejs-private/node-private/pull/797
(CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) https://github.com/nodejs-private/node-private/pull/748
(CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) https://github.com/nodejs-private/node-private/pull/760
(CVE-2025-59466) rethrow stack overflow exceptions in async_hooks (Matteo Collina) https://github.com/nodejs-private/node-private/pull/773
(CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) https://github.com/nodejs-private/node-private/pull/759
(CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) https://github.com/nodejs-private/node-private/pull/796
ALSO! You know what you can do tomorrow! 😉
https://nodejs.org/en/blog/release/v24.13.0
Notable Changes
(CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) https://github.com/nodejs-private/node-private/pull/797
(CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) https://github.com/nodejs-private/node-private/pull/748
(CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) https://github.com/nodejs-private/node-private/pull/760
(CVE-2025-59466) rethrow stack overflow exceptions in async_hooks (Matteo Collina) https://github.com/nodejs-private/node-private/pull/773
(CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) https://github.com/nodejs-private/node-private/pull/759
(CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) https://github.com/nodejs-private/node-private/pull/796
ALSO! You know what you can do tomorrow! 😉
nodejs.org
Node.js — Node.js 24.13.0 (LTS)
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and noscripts.