Cybernews

Next.js turf war heating up: Cloudflare’s vibe-coded gambit humbled by critical security bugs

Cloudflare’s experimental AI-built Next.js alternative, vinext, has been released with critical security flaws, escalating a feud with Next.js maintainer, Vercel.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...