Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the ...

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...

Google has set new browser performance records for Chrome following a year of improvements, with the latest results made ...

A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

In this session and live demo, you'll see how to fight back at AI speed — automatically surfacing anomalous behavior and executing containment before the blast radius grows.

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

No sooner did Anthropic file for its initial public offering of stock this week than it then put out a missive suggesting that AI model makers need to slow down to let us catch our breath — or else AI ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...