Blog

Insights from application security experts and industry leaders

Featured

Malicious Packages Alert: The Qix npm Supply-Chain Attack: Lessons for the Ecosystem

Sep 8, 2025

The npm ecosystem is in the middle of a major supply-chain compromise. The maintainer known as Qix is currently targeted in a phishing campaign that allows attackers to bypass two-factor authentication and take over their npm account. This is happening right now, and malicious versions of widely used libraries are being published and distributed.


Vulnerabilities

Security Issues in popular AI Runtimes - Node.js, Deno, and Bun

Node.js, Deno, and Bun are the primary runtimes for executing JavaScript and TypeScript in modern applications. They form the backbone of AI backends, serverless deployments, and orchestration layers. Each runtime introduces distinct application security issues. For product security teams, understanding these runtime weaknesses is essential because attacks often bypass framework-level defenses and exploit the runtime directly.

September 8, 2025
Application Security

Application Security Issues in AI Edge and Serverless Runtimes: AWS Lambda, Vercel Edge Functions, and Cloudflare Workers

AI workloads are increasingly deployed on serverless runtimes like AWS Lambda, Vercel Edge Functions, and Cloudflare Workers. These platforms reduce operational overhead but introduce new application-layer risks. Product security teams must recognize that serverless runtimes are not inherently safer—they simply shift the attack surface.

September 8, 2025
Application Security

TensorFlow.js and Transformers.js Security Issues in JavaScript and TypeScript Applications

TensorFlow.js and Transformers.js allow developers to run machine learning models directly in JavaScript and TypeScript environments. They are widely adopted for preprocessing, inference, and integrating AI into web and Node.js applications. Their ease of use conceals significant application security issues.

September 8, 2025
Application Security

Hugging Face Datasets and Tokenizers in JavaScript: Security Issues for AI Pipelines

Hugging Face Datasets and Tokenizers.js are integral to many JavaScript and TypeScript AI pipelines. They handle ingestion, normalization, and preprocessing of text data. These libraries appear safe but introduce critical security issues at the application layer.

September 8, 2025
Application Security

Pinecone, Weaviate, and Milvus Security Issues in JavaScript and TypeScript Applications

Vector databases such as Pinecone, Weaviate, and Milvus are critical components of AI applications. Their JavaScript and TypeScript clients allow developers to embed, query, and retrieve high-dimensional vectors. These integrations come with application security risks, particularly when vector stores are treated as trusted rather than adversarial environments.

September 8, 2025
Application Security

LangChain, LangGraph, CrewAI: Security Issues in AI Agent Frameworks for JavaScript and TypeScript

Frameworks such as LangChain, LangGraph, and CrewAI are quickly entering enterprise JavaScript and TypeScript codebases. They enable developers to connect large language models (LLMs) to tools, APIs, and databases. This functionality introduces new attack surfaces. Application security teams must evaluate these frameworks as adversarial environments, not trusted middleware.

September 5, 2025
Application Security

Vercel AI SDK, OpenAI SDK, and Anthropic SDK Security Issues in JavaScript and TypeScript

SDKs from Vercel, OpenAI, and Anthropic are widely used to embed AI functionality into JavaScript and TypeScript applications. They simplify model calls, but they also expand the attack surface. Application security issues range from credential exposure to unvalidated model outputs influencing downstream execution.

September 5, 2025
Application Security

Security Risks Across the AI Application Stack: A Researcher’s Guide

This series will dissect the AI application stack layer by layer, analyzing real-world security issues in the packages, frameworks, and runtimes that developers rely on today.

September 5, 2025
Application Security

Security Issues in Popular Full-Stack Frameworks (Next.js, React, Vue, Angular)

Next.js (Vercel), React, Vue, and Angular are the dominant full-stack frameworks in JavaScript and TypeScript. They speed up development but introduce recurring security weaknesses. For product security teams, these weaknesses have been exploited in production and must be addressed at the application level.

September 4, 2025
Application Security

Vulnerability Alert: S1ngularity – Malicious Nx npm Packages

A malicious actor published tainted Nx releases to npm on August 26–27, 2025, inserting a postinstall payload that harvested secrets, stole GitHub/npm tokens, and exfiltrated them through new GitHub repositories created inside victim accounts. This is an active supply-chain attack with the potential to cascade from compromised developer endpoints into source control, CI/CD, and production.

August 28, 2025
Vulnerabilities

License Compliance: A Legacy Problem, Reimagined with Runtime

License compliance is one of the oldest disciplines in application security. For more than two decades, organizations have relied on Software Composition Analysis (SCA) tools to identify copy-left licenses, produce audit trails, and reduce legal risk. Kodem’s new license enforcement capability represents the first real breakthrough in years.

August 26, 2025
Compliance