https://hackyjs.com/posts/auditing-the-tanstack-supply-chain-compromise-postinstall-scripts-that-steal-github-tokens Hacky JS en 2026-06-24T00:00:00.000Z Auditing the TanStack Supply Chain Compromise: Postinstall Scripts That Steal GitHub Tokens supply-chain-security, npm, github, postinstall https://hackyjs.com/posts/hardening-your-libssh2-integration-against-remote-code-execution Hacky JS en 2026-06-24T00:00:00.000Z Hardening Your libssh2 Integration Against Remote Code Execution libssh2, ssh, rce, vulnerability, application-security https://hackyjs.com/posts/post-patch-webshell-persistence-detection-lessons-from-cisco-cve-2026-20230-for-nodejs-apps Hacky JS en 2026-06-24T00:00:00.000Z Post-Patch Webshell Persistence: Detection Lessons from Cisco CVE-2026-20230 for Node.js Apps cybersecurity, nodejs, webshell, cve-2026-20230, threat-detection https://hackyjs.com/posts/rate-limiting-circuit-breakers-and-queue-backpressure-hardening-nodejs-against-ddos Hacky JS en 2026-06-24T00:00:00.000Z Rate Limiting, Circuit Breakers, and Queue Backpressure: Hardening Node.js Against DDoS nodejs, ddos, rate-limiting, circuit-breakers, backpressure https://hackyjs.com/posts/securing-spfx-apps-when-the-sharepoint-server-is-the-weak-link Hacky JS en 2026-06-24T00:00:00.000Z Securing SPFx Apps When the SharePoint Server Is the Weak Link sharepoint, spfx, cybersecurity, patch-management, enterprise-security https://hackyjs.com/posts/when-static-analysis-fails-instrumenting-the-browser-to-spot-token-theft Hacky JS en 2026-06-24T00:00:00.000Z When Static Analysis Fails: Instrumenting the Browser to Spot Token Theft cybersecurity, browser-security, static-analysis, token-theft https://hackyjs.com/posts/catching-redirect-chains-with-anyruns-in-browser-dom-inspector Hacky JS en 2026-06-23T00:00:00.000Z Catching Redirect Chains with ANY.RUN’s In-Browser DOM Inspector cybersecurity, phishing, any-run, sandbox-analysis https://hackyjs.com/posts/how-gurnick-academys-ransomware-recovery-exposes-the-saas-backup-gap-that-hurts-developers Hacky JS en 2026-06-23T00:00:00.000Z How Gurnick Academy’s Ransomware Recovery Exposes the SaaS Backup Gap That Hurts Developers ransomware, cybersecurity, saas-backup, data-recovery https://hackyjs.com/posts/pwn-request-attacks-in-github-actions-what-changed-and-what-javascript-devs-need-to-fix Hacky JS en 2026-06-23T00:00:00.000Z Pwn Request Attacks in GitHub Actions: What Changed and What JavaScript Devs Need to Fix github-actions, javascript-security, ci-cd, supply-chain-security https://hackyjs.com/posts/the-difytap-cross-tenant-bug-writing-safer-multi-tenant-ai-code-with-nodejs Hacky JS en 2026-06-23T00:00:00.000Z The DifyTap Cross-Tenant Bug: Writing Safer Multi-Tenant AI Code with Node.js cybersecurity, nodejs, ai-security, multi-tenant, secure-coding