Microsoft has released the beta of TypeScript 6.0, highlighting what the company describes as a transitional moment for the widely used programming language. The release will be the final version built on the JavaScript codebase, with TypeScript 7.0 slated to introduce a compiler and language service rewritten in Go. For more than a decade, TypeScript […]
Arcjet SDKs Make It Simpler for Developers to Include Security Functions
Arcjet this week made available a software development kit (SDK) that makes it simpler for JavaScript developers to embed capabilities such as bot detection, rate limiting, email validation, attack protection and data redaction directly within their applications. Company CEO David Mytton said the release of v1.0 of its Arcjet JavaScript SDK makes it possible for […]
Attackers Testing New Strain of Shai-Hulud on npm: Aikido
Threat actors behind the virulent Shai-Hulud worm that wreaked havoc in open npm repositories toward the end of 2025 apparently are trying out a new strain that comes with slight modifications. Security researchers with Aikido Security, who have been tracking Shai-Hulud for months, wrote in a report that was updated January 2 that there doesn’t […]
Anthropic Acquires Bun to Accelerate AI Coding Tools
Anthropic says it has acquired Bun, a high-performance JavaScript toolkit, to turbocharge its artificial intelligence (AI) coding capabilities — further underscoring a significant push into developer tooling as it scales Claude Code, its code-generation platform. Financial terms of the deal were not disclosed, but Anthropic emphasized that Bun will remain open source and MIT-licensed. The […]
Second Coming of Shai-Hulud Cyberattack Ravages JavaScript Repositories
A major expansion of the self-propagating Shai-Hulud cyberattack aimed at popular node package managers (npms) used by JavaScript application developers is creating a major headache for DevSecOps teams around the globe. Based on what is being described as the “Second Coming” of Shai-Hulud, this version affects a much wider range of npms and is much […]
Microsoft Engineers Highlight Git Repository Bloat Flaw
A Git functionality shortcoming means Git calculates changes between different versions of the same file, which ultimately creates repository bloat through the excess storage requirements that result.
Open-Source Software Community Riled by Yet Another CVE
Another maintainer of an open-source software project has decided to no longer actively update IP address parsing utilities used widely by JavaScript developers.
Polyfill Becomes a Supply-Chain Risk to 100,000 Websites
A Chinese company in February bought the domain and GitHub account for Polyfill, a popular open-source library used by more than 100,000 websites to deliver JavaScript code.
Steady On. We Still Have a Job to Do
AI-generated change is not significantly different than the last couple decades where change has become IT’s constant companion.
Dev of core-js Will Flip Table ¦ Another 451 PyPI Maldeps
In this week’s #TheLongView: Denis Pushkarev is fed up with core-js freeloaders, and hundreds more malicious packages found at PyPI.
- 1
- 2
- 3
- 4
- Next Page »