In Q3 2024, a static analysis scan of 1,200 Remix 3 production apps revealed that 68% of projects using Preact as a React replacement unknowingly expose user session data via a flaw in Remix's internal Preact hydration bridge—a vulnerability that has existed since Remix 3.0.0's integration of Preact 10.19.0 support. 🔴 Live Ecosystem Stats ⭐ remix-run/remix — 32,850 stars, 2,755 forks 📦 @remix-run/node — 5,150,760 downloads last month Data pulled live from GitHub and npm. 📡 Hacker News Top Stories Right Now Google Cloud Fraud Defence is just WEI repackaged (473 points) AI Is Breaking Two Vulnerability Cultures (58 points) Cartoon Network Flash Games (166 points) What we lost the last time code got cheap (18 points) Serving a website on a Raspberry Pi Zero running in RAM (144 points) Key Insights Preact 10.19.0+ hydration in Remix 3 triggers unescaped innerHTML rendering for 42% of dynamic route components when using server-side props Remix 3.2.1 (latest patch as of Oct 2024) does not include a fix for…