Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

No-JavaScript fallbacks in 2026: Less critical, still necessary

Rendering isn’t always immediate or complete. Learn where no-JavaScript fallbacks still protect critical content, links, and ...
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
heise online

IntelliJ IDEA 2026.1: Free basic support for JavaScript and TypeScript

Developers can now use all ACP-compatible AI agents and receive basic features for JavaScript and TypeScript for free – without an Ultimate subscription. JetBrains has released IntelliJ IDEA 2026.1, ...