Next.js in the Media

Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces

Next.js, one of the most widely used React frameworks, has been hit by a high-severity vulnerability that could allow attackers to extract sensitive cloud credentials, API keys, and even access internal admin interfaces. The flaw, tracked as CVE-2026-44578, exposes a critical weakness in how cert

May 15, 2026

Multiple Critical Flaws Fixed in Next.js and React Server Components

Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to severe risks, including unauthenticated Denial o

May 8, 2026

Cybersecurity News

Multiple Critical Vulnerabilities Patched in Next.js and React Server Components

Vercel has released an extensive set of security advisories for Next.js, addressing more than a dozen vulnerabilities, including denial-of-service, middleware bypass, server-side request forgery, and cross-site scripting. The flaws affect Next.js versions 13.x through 16.x using the App Router, a

May 8, 2026

Using Next.js security headers to strengthen app security

May 4, 2026

April 2026

I tested every major auth library for Next.js in 2026: Here’s what you should use

Apr 20, 2026

SecurityWeek

Next.js Creator Vercel Hacked

Vercel confirmed suffering a breach after a hacker claiming to be part of ShinyHunters offered to sell stolen data for $2 million. The post Next.js Creator Vercel Hacked appeared first on <a href="https://www.securit

Apr 20, 2026

The Register AI-ML

Next.js developer Vercel warns of customer credential compromise

Blames outfit called Context.ai, which reckons an agentic OAuth tangle caused the incident Vercel, the company that created the open source Next.js web development framework, has a data leak that led to compromise of some customer credentials, and blamed an outfit called Context.ai for t

Apr 20, 2026

When to move API logic out of Next.js

Apr 15, 2026

CMSWire

Pantheon Launches Next.js GA, Eyeing AI Agents and the Future of Web Infrastructure

Pantheon's Next.js hosting is now generally available — and the company is positioning the launch s

Apr 14, 2026

Astro vs Next.js: When SSG beats React for content sites

Apr 13, 2026

Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours

Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised at least 766 servers in under 24 hours. The threat activity is tracked as “UAT‑10608”. It relies on a custom framework dubbed NEXUS Listener

Apr 7, 2026

Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts

A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as “UAT-10608” that co

Apr 3, 2026

The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at&nbsp

Apr 2, 2026

March 2026

vinext explained: Cloudflare’s Vite-based Next.js replacement

Mar 31, 2026

February 2026

The Pragmatic Engineer

The Pulse: Cloudflare rewrites Next.js as AI rewrites commercial open source

An engineer at Cloudflare rewrote most of Vercel’s Next.js in one week with AI agents. It looks like a sign of how AI will disrupt existing moats and business models. Analysis

Feb 26, 2026

The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines. "The activity aligns with a broader cluster of threats that us

Feb 26, 2026

BleepingComputer

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. [...]

The Register AI-ML

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed malicious repositories disguised as legitimate projects, according to Microsoft, which said a limited set of those repos were directly tied to observed compromises.…

darkreading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.

The Register AI-ML

Cloudflare experiment ports most of Next.js API 'in one week' with AI

Uses Vite and Claude to sidestep Vercel lock-in with a new open source build tool A Cloudflare engineer says he has implemented 94 percent of the Next.js API by directing Anthropic's Claude, spending about $1,100 on tokens.…

Microsoft Alerts Developers of Malicious Next.js Repositories Used in Ongoing Hacker Attacks

Microsoft has warned that threat actors are weaponizing malicious Next.js repositories to compromise developers through what appear to be legitimate projects and recruiting‑style technical assessments. The campaign abuses normal workflows in Visual Studio Code and Node.js to reach a staged comman