Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

D Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

Inside Pearlstone's changes to The Code project on South Lamar

Pearlstone Partners' CEO explains how the company pivoted the use of one of its newest properties in Austin called The Code ...
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

AI needs a 'brake pedal', warns Anthropic co-founder

Jack Clark tells BBC's Newsnight AI could get to the point where it develops without human input.
TMCnet

Cloudflare Acquires VoidZero to Build the Future of the AI-Native Web

VoidZero's toolchain, anchored by Vite, has emerged as the shared substrate for the web ecosystem, capturing over 130 million weekly downloads. The Cloudflare Vite plugin has reached 13.9 million ...
MusicRadar on MSN

I’m convinced that Ableton’s Extensions are going to change how music-makers use Live forever

The Extensions SDK can be used to "expand, reshape and customize" Live Suite with new tools and features ...
The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Cloudflare Acquires VoidZero to Build the Future of the AI-Native Web

Acquisition brings Vite, the world’s leading JavaScript build tool, and its core open source team to Cloudflare Cloudflare commits $1 million to an independent Vite ecosystem fund to support open sour ...