Vulnerabilidad crítica en Next.js https://blog.elhacker.net/2025/03/vulnerabilidad-critica-en-nextjs.html #vulnerabilidad #nextjs #cve
This Week in Security: IngressNightmare, NextJS, and Leaking DNA - This week, researchers from Wiz Research released a series of vulnerabilities in t... - https://hackaday.com/2025/03/28/this-week-in-security-ingressnightmare-nextjs-and-leaking-dna/ #thisweekinsecurity #ingressnightmare #hackadaycolumns #securityhacks #23andme #nextjs #news
@carlton @EmmaDelescolle @wsvincent bonus chart for you two. I’d love to see this compared to #Rails / #Laravel / #nextjs. I think "75% of current downloads are for a supported version" is a solid achievement but am only 75% sure of that.
Next.js Middleware Flaw Lets Attackers Bypass Authorization https://hackread.com/next-js-middleware-flaw-bypass-authorization/ #Authorization #Vulnerability #Middleware #Security #Nextjs #React
Next.js Middleware Flaw Lets Attackers Bypass Authorization – Source:hackread.com https://ciso2ciso.com/next-js-middleware-flaw-lets-attackers-bypass-authorization-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Authorization #Vulnerability #Middleware #Hackread #security #Nextjs #React
https://astro.build/ and https://vanilla-extract.style/ are a great fit.
I'm migrating from NextJS to Astro and all my complex styles are ported over with no changes. This makes my job so much easier.
Critical Next.js Vulnerability in Hacker Crosshairs – Source: www.securityweek.com https://ciso2ciso.com/critical-next-js-vulnerability-in-hacker-crosshairs-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #vulnerabilities #securityweekcom #Vulnerability #securityweek #Exploited #Nextjs
Critical Next.js Vulnerability in Hacker Crosshairs https://www.securityweek.com/critical-next-js-vulnerability-in-hacker-crosshairs/ #Vulnerabilities #vulnerability #exploited #Nextjs
Critical Next.js Vulnerability in Hacker Crosshairs https://www.securityweek.com/critical-next-js-vulnerability-in-hacker-crosshairs/ #Vulnerabilities #vulnerability #exploited #Nextjs
What are your thoughts on Vercel and Next JS? It seems like a walked garden to me...
Critical flaw in #Nextjs lets hackers bypass authorization
LB: the vuln itself is crazy, but even crazier is the way Vercel decided to handle the whole thing 
Post by researchers: https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
Summary of Vercel situation: https://xcancel.com/amasad/status/1903654014962819448
#nextjs parallel route seems a good idea until you need to implement a dynamic route along with it or need to restore the UI state on refresh.
I'm sure a ton of people are busy patching this week with this next.js flaw.
https://cyberscoop.com/nextjs-critical-vulnerability-open-source-vercel/
If you're self-hosting Next.js outside Vercel or Netlify and you use middleware (for ie, authentication), your project could have a critical vulnerability. #nextjs
https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
Reject modernity (Next.js); embrace tradition (PHP).
»Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization:
A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927.«
Well, I have to give it up and look at it.
https://gbhackers.com/critical-next-js-middleware-vulnerability/
Next.js has patched a critical vulnerability that lets attackers bypass auth middleware in self-hosted apps. Immediate action is necessary: patch now.
https://socket.dev/blog/next-js-patches-critical-middleware-vulnerability #nextjs #javascript
