Skip to content

Search

ESC
All tags
// Tag

Posts tagged “security”

3 posts

Related topics
supply-chain nextjs cve ssrf websocket javascript tanstack npm ci-cd incident-response python litellm pypi

Posts

CVE-2026-44578 banner: Next.js WebSocket SSRF security advisory
30 min

CVE-2026-44578: Next.js WebSocket SSRF

High-severity (CVSS 8.6) SSRF in the Next.js WebSocket upgrade handler lets unauthenticated attackers proxy GETs to internal services on port 80.

Read
security nextjs cve ssrf websocket
Stack of npm packages with a compromised, cracked package leaking corruption in the middle
13 min

TanStack npm Supply Chain Attack: Detect, Fix, and Recover

On May 11, 2026, attackers published 84 malicious versions across 42 @tanstack/* npm packages. Here is how to detect compromise and recover safely.

Read
security javascript supply-chain tanstack npm ci-cd incident-response
Supply chain attack warning with broken chain links
5 min

LiteLLM Supply Chain Attack: How to Check If You're Affected

Malicious LiteLLM versions were published to PyPI on March 24, 2026. Here's what happened, how to check if you're affected, and what to do.

Read
security python supply-chain litellm pypi