xisra.com
Hello!

Blog

Axios Compromised on npm: Attack Breakdown and Remediation

Axios Compromised on npm: Attack Breakdown and Remediation

The Axios npm package got hijacked via a compromised maintainer account. Here's how the supply chain attack worked, how to check if you're affected, and how to respond.

npmsupply-chain-attackaxios
Easy Static GitHub Pages Blog Website with Next.js & Tailwind CSS

Easy Static GitHub Pages Blog Website with Next.js & Tailwind CSS

How I created this blog website using Next.js and Tailwind CSS and deployed it to GitHub Pages.

webdevnextjstailwindcss
I built tools I want to use and maybe you too

I built tools I want to use and maybe you too

A quick tour of the Tools hub — JSON editor, converter, random keys — with links and how I actually use them.

toolsdeveloper-utilitiesjson-editor
React Server Components RCE: CVE-2025-55182 Is a CVSS 10.0 and You Need to Patch Now

React Server Components RCE: CVE-2025-55182 Is a CVSS 10.0 and You Need to Patch Now

Wiz Research uncovered a critical unauthenticated RCE in React's RSC Flight protocol. Default Next.js apps are vulnerable. Here's what to do.

reactnextjssecurity
Welcome to my site!

Welcome to my site!

Hello and welcome to my site! This is my initial post welcoming you to join me on my journey.

personalinfo

More content coming soon...

Subscribe to get notified when new posts drop.

#comingsoon

Tags

npmsupply-chain-attackaxiossecurityratpostinstallwebdevnextjstailwindcssgithub-pagesstatic-websitedeploymenttoolsdeveloper-utilitiesjson-editorconverterrandom-keysreactrcevulnerabilitycve-2025-55182rscserver-componentspersonalinfo