Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

The round comes just eight months after Supabase closed on its Series E and means it has now raised over $1 billion in total ...

Anthropic acquired SDK startup Stainless, signaling a deeper push into developer tooling as AI labs compete beyond model performance.

VoidZero's toolchain, anchored by Vite, has emerged as the shared substrate for the web ecosystem, capturing over 130 million weekly downloads. The Cloudflare Vite plugin has reached 13.9 million ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

From YouTube to "Ghost Runs" to smart home control: First developer apps expand the possibilities of the Meta Ray-Ban Display.

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool.

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.