Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

MESCIUS USA, Inc., a global provider of award-winning enterprise software development tools, is pleased to announce a new product for the Document Solutions product line: Document Solutions PDF JS.

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...

The round comes just eight months after Supabase closed on its Series E and means it has now raised over $1 billion in total ...

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

The government's plans aim to drive productivity, boost efficiency in the crown court, and reduce the time victims have to ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Anthropic acquired SDK startup Stainless, signaling a deeper push into developer tooling as AI labs compete beyond model performance.

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.