JavaScript and TypeScript dominate the modern enterprise stack. They run the web front-ends users touch, the Node.js and Deno back-ends that serve them, and a rapidly growing share of serverless functions in the cloud. Their adoption curve is exponential, but their security maturity is lagging. The npm ecosystem, with its sprawling dependency chains, creates an inherently adversarial supply chain. Dynamic execution and prototype inheritance expand the runtime attack surface. Static scanning alone cannot answer the key question: what is actually exploitable in production? Security teams need runtime intelligence to see what attackers see.

Frameworks such as LangChain, LangGraph, and CrewAI are quickly entering enterprise JavaScript and TypeScript codebases. They enable developers to connect large language models (LLMs) to tools, APIs, and databases. This functionality introduces new attack surfaces. Application security teams must evaluate these frameworks as adversarial environments, not trusted middleware.

SDKs from Vercel, OpenAI, and Anthropic are widely used to embed AI functionality into JavaScript and TypeScript applications. They simplify model calls, but they also expand the attack surface. Application security issues range from credential exposure to unvalidated model outputs influencing downstream execution.

This series will dissect the AI application stack layer by layer, analyzing real-world security issues in the packages, frameworks, and runtimes that developers rely on today.

Next.js (Vercel), React, Vue, and Angular are the dominant full-stack frameworks in JavaScript and TypeScript. They speed up development but introduce recurring security weaknesses. For product security teams, these weaknesses have been exploited in production and must be addressed at the application level.

A malicious actor published tainted Nx releases to npm on August 26–27, 2025, inserting a postinstall payload that harvested secrets, stole GitHub/npm tokens, and exfiltrated them through new GitHub repositories created inside victim accounts. This is an active supply-chain attack with the potential to cascade from compromised developer endpoints into source control, CI/CD, and production.

License compliance is one of the oldest disciplines in application security. For more than two decades, organizations have relied on Software Composition Analysis (SCA) tools to identify copy-left licenses, produce audit trails, and reduce legal risk. Kodem’s new license enforcement capability represents the first real breakthrough in years.

In 2024, more than 33,000 CVEs were disclosed, an all‑time high, but only about 12% of those labeled “Critical” actually proved exploitable. Meanwhile, high‑profile exploit chains like Pegasus and Blastpass, and careless breaches like the Tea app hack, reveal that Medium‑ranked or poorly‑coded vulnerabilities, rather than CVSS labels, often lead to real attacker impact.

Kodem recently identified two security issues in Claude Code: a misconfiguration allowing circumvention of user approval and a subsequent Denial-of-Service (DoS) condition.

At RSAC 2025, we launched Kai, the first AI-native application security engineer. Today, we’re expanding it into a fully agentic task force that truly performs AppSec tasks from start to finish. 

The Federal Risk and Authorization Management Program (FedRAMP) recently released RFC-0012, marking a notable shift towards more stringent standards for continuous vulnerability management. Cloud providers and security teams must adjust quickly to stay compliant and secure (FedRAMP, 2024).

CVE‑2025‑23266, nicknamed NVIDIAScape, is a pre‑execution flaw in the NVIDIA Container Toolkit.

Rapyd, a global fintech platform operating in over 100 countries, partnered with Kodem to modernize its application security program. Faced with mounting vulnerabilities and a shortage of specialized AppSec talent, Rapyd needed more than another scanner—it needed a platform that could think like an expert. Kodem delivered measurable reductions in triage time, rework, and risk exposure by focusing on what attackers can actually exploit.

CVE-2025-25257 is a critical vulnerability in Fortinet FortiWeb Fabric Connector. It allows unauthenticated SQL injection, which attackers escalate into remote code execution (RCE) on affected appliances.

CVE-2025-47812 is a critical vulnerability affecting Wing FTP Server versions prior to 7.4.4. This severe security flaw enables unauthenticated attackers to execute arbitrary code remotely (RCE) by exploiting inadequate validation of input containing null bytes (%00) in the authentication process

The Exploit Prediction Scoring System (EPSS) is a data-driven model that predicts the likelihood a given software vulnerability will be exploited in the wild.

Most security tools today, static analyzers, fuzzers, even single-agent LLMs, struggle to find complex, multi-step vulnerabilities. But the emerging model of multi-agent collaboration can fundamentally transform vulnerability discovery. Argusee’s recent results are just a glimpse of what's possible.

The Beginning of AI-Native Security Research

Application Detection and Response (ADR) technologies are essential for identifying and mitigating runtime attacks. Yet, many existing approaches struggle to detect nuanced, logic-based vulnerabilities effectively.

Understanding domestic and international regulatory landscapes is crucial to ensuring compliance and enhancing security postures. This blog post explores key software security mandates worldwide, including those from the United States, European Union, and Asia-Pacific, providing a comprehensive guide on navigating these complex regulations for a secure software development lifecycle.

Application Detection and Response (ADR) is emerging as the next evolution in application security, aiming to catch and stop attacks from within the application itself at runtime. Recent incidents like the Next.js middleware vulnerability CVE-2025-29927 – an authentication bypass triggered by a single HTTP header – underscore why traditional approaches often fall short.

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

Agentic red teams, AI-powered multi-agent systems capable of offensive security testing, have arrived as a timely and necessary innovation to fill this critical gap in the cybersecurity landscape.

Pinpoint real exposure with Kodem’s unique approach, as seen in real-world example of CVE-2025-29927 in Next.js.

The Next.js team disclosed – CVE-2025-29927 vulnerability – that allows attackers to bypass authorization checks implemented in Next.js Middleware by manipulating the x-middleware-subrequest header.

Remote Code Execution CVE-2025-24813 vulnerability - See how Kodem runtime SCA and ADR can identify and block these attacks without specific CVE signatures

As organizations increasingly adopt AI, the demand for standardized frameworks to manage AI risks has grown - enter ISO 42001.

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

See why organizations must adopt automated defenses, infrastructure protections, external validation, and a stronger security culture to combat modern cyber threats.

The evolving landscape of open-source security highlights the importance of preserving access, innovation, and trust for the developer community.