Fixing `marked` XSS vulnerability
Source
You might also wanna read
Post-mortem Analysis of @ctrl/tinycolor npm Supply Chain Attack via GitHub Actions
A detailed post-mortem analysis of a supply chain attack on the @ctrl/tinycolor npm package. The attack occurred when a malicious GitHub Act
Scratch's ongoing security challenges with SVG sanitization
The article discusses the security challenges Scratch faces with SVG sanitization. Scratch parses user-generated (attacker-controlled) SVG c
Popular npm packages debug and chalk compromised with crypto-intercepting malware
Starting September 8th, 2023, the popular npm packages "debug" and "chalk" were compromised with malicious code. These packages, which colle
aikido.dev·10mo agoUnderstanding Nested Code Fences in Markdown: Technical Implementation Guide
This article explores the technical challenge of nesting code fences within Markdown documents, focusing on the CommonMark specification and

September 2025 NPM supply-chain attack compromises popular JavaScript packages
In September 2025, a coordinated software supply-chain attack targeted multiple popular NPM packages in the JavaScript ecosystem. The attack
Security Researchers Discover Critical XSS Vulnerabilities in Mintlify Platform Affecting Major Tech Companies
A 16-year-old hacker and his friends discovered critical cross-site scripting vulnerabilities in Mintlify, an AI documentation platform used

Comments
Sign in to join the conversation.
No comments yet. Be the first.