The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
InfoQ

ReScript 12.0 Released with New Build System

ReScript 12.0 has launched, marking a milestone in modernizing the language with a rewritten build system, improved ...