Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...
Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript build tools that surround it, in a move to position its developer platform ...
Four real SAP npm packages were hacked. The hackers added code that steals crypto wallets, cloud credentials, and SSH keys from developers. These packages had more than 500,000 downloads a week. Four ...
The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom npm packages, plus the lightning PyPI package. The newly compromised packages ...
A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Web infrastructure giant Cloudflare is seeking to transform the way enterprises deploy AI agents with the open beta release of Dynamic Workers, a new lightweight, isolate-based sandboxing system that ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results